Wed Jun 14 17:48:41 2017 UTC ()
Make the PMC syscalls privileged.


(maxv)
diff -r1.7 -r1.8 src/sys/arch/x86/x86/pmc.c
diff -r1.42 -r1.43 src/sys/secmodel/suser/secmodel_suser.c
diff -r1.73 -r1.74 src/sys/sys/kauth.h
cvs diff -r1.7 -r1.8 src/sys/arch/x86/x86/Attic/pmc.c (switch to unified diff)

--- src/sys/arch/x86/x86/Attic/pmc.c 2017/05/23 08:54:39 1.7
+++ src/sys/arch/x86/x86/Attic/pmc.c 2017/06/14 17:48:40 1.8
@@ -1,421 +1,438 @@ @@ -1,421 +1,438 @@
1/* $NetBSD: pmc.c,v 1.7 2017/05/23 08:54:39 nonaka Exp $ */ 1/* $NetBSD: pmc.c,v 1.8 2017/06/14 17:48:40 maxv Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2017 The NetBSD Foundation, Inc. 4 * Copyright (c) 2017 The NetBSD Foundation, Inc.
5 * All rights reserved. 5 * All rights reserved.
6 * 6 *
7 * This code is derived from software contributed to The NetBSD Foundation 7 * This code is derived from software contributed to The NetBSD Foundation
8 * by Maxime Villard. 8 * by Maxime Villard.
9 * 9 *
10 * Redistribution and use in source and binary forms, with or without 10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions 11 * modification, are permitted provided that the following conditions
12 * are met: 12 * are met:
13 * 1. Redistributions of source code must retain the above copyright 13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer. 14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the 16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution. 17 * documentation and/or other materials provided with the distribution.
18 * 18 *
19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29 * POSSIBILITY OF SUCH DAMAGE. 29 * POSSIBILITY OF SUCH DAMAGE.
30 */ 30 */
31 31
32/* 32/*
33 * Copyright (c) 2000 Zembu Labs, Inc. 33 * Copyright (c) 2000 Zembu Labs, Inc.
34 * All rights reserved. 34 * All rights reserved.
35 * 35 *
36 * Author: Jason R. Thorpe <thorpej@zembu.com> 36 * Author: Jason R. Thorpe <thorpej@zembu.com>
37 * 37 *
38 * Redistribution and use in source and binary forms, with or without 38 * Redistribution and use in source and binary forms, with or without
39 * modification, are permitted provided that the following conditions 39 * modification, are permitted provided that the following conditions
40 * are met: 40 * are met:
41 * 1. Redistributions of source code must retain the above copyright 41 * 1. Redistributions of source code must retain the above copyright
42 * notice, this list of conditions and the following disclaimer. 42 * notice, this list of conditions and the following disclaimer.
43 * 2. Redistributions in binary form must reproduce the above copyright 43 * 2. Redistributions in binary form must reproduce the above copyright
44 * notice, this list of conditions and the following disclaimer in the 44 * notice, this list of conditions and the following disclaimer in the
45 * documentation and/or other materials provided with the distribution. 45 * documentation and/or other materials provided with the distribution.
46 * 3. All advertising materials mentioning features or use of this software 46 * 3. All advertising materials mentioning features or use of this software
47 * must display the following acknowledgement: 47 * must display the following acknowledgement:
48 * This product includes software developed by Zembu Labs, Inc. 48 * This product includes software developed by Zembu Labs, Inc.
49 * 4. Neither the name of Zembu Labs nor the names of its employees may 49 * 4. Neither the name of Zembu Labs nor the names of its employees may
50 * be used to endorse or promote products derived from this software 50 * be used to endorse or promote products derived from this software
51 * without specific prior written permission. 51 * without specific prior written permission.
52 * 52 *
53 * THIS SOFTWARE IS PROVIDED BY ZEMBU LABS, INC. ``AS IS'' AND ANY EXPRESS 53 * THIS SOFTWARE IS PROVIDED BY ZEMBU LABS, INC. ``AS IS'' AND ANY EXPRESS
54 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WAR- 54 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WAR-
55 * RANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DIS- 55 * RANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DIS-
56 * CLAIMED. IN NO EVENT SHALL ZEMBU LABS BE LIABLE FOR ANY DIRECT, INDIRECT, 56 * CLAIMED. IN NO EVENT SHALL ZEMBU LABS BE LIABLE FOR ANY DIRECT, INDIRECT,
57 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 57 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
58 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 58 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
59 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 59 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
60 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 60 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
61 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 61 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
62 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 62 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
63 */ 63 */
64 64
65/* 65/*
66 * Interface to x86 CPU Performance Counters. 66 * Interface to x86 CPU Performance Counters.
67 */ 67 */
68 68
69#include <sys/cdefs.h> 69#include <sys/cdefs.h>
70__KERNEL_RCSID(0, "$NetBSD: pmc.c,v 1.7 2017/05/23 08:54:39 nonaka Exp $"); 70__KERNEL_RCSID(0, "$NetBSD: pmc.c,v 1.8 2017/06/14 17:48:40 maxv Exp $");
71 71
72#include <sys/param.h> 72#include <sys/param.h>
73#include <sys/systm.h> 73#include <sys/systm.h>
74#include <sys/proc.h> 74#include <sys/proc.h>
75#include <sys/cpu.h> 75#include <sys/cpu.h>
76#include <sys/xcall.h> 76#include <sys/xcall.h>
 77#include <sys/kauth.h>
77 78
78#include <machine/cpufunc.h> 79#include <machine/cpufunc.h>
79#include <machine/cpuvar.h> 80#include <machine/cpuvar.h>
80#include <machine/specialreg.h> 81#include <machine/specialreg.h>
81#include <machine/sysarch.h> 82#include <machine/sysarch.h>
82#include <machine/pmc.h> 83#include <machine/pmc.h>
83#include <machine/cpu_counter.h> 84#include <machine/cpu_counter.h>
84#include <machine/cputypes.h> 85#include <machine/cputypes.h>
85#include <machine/i82489reg.h> 86#include <machine/i82489reg.h>
86#include <machine/i82489var.h> 87#include <machine/i82489var.h>
87 88
88#include <x86/nmi.h> 89#include <x86/nmi.h>
89 90
90#define NEVENTS_SAMPLE 500000 91#define NEVENTS_SAMPLE 500000
91 92
92typedef struct { 93typedef struct {
93 bool running; 94 bool running;
94 uint32_t evtmsr; /* event selector MSR */ 95 uint32_t evtmsr; /* event selector MSR */
95 uint64_t evtval; /* event selector value */ 96 uint64_t evtval; /* event selector value */
96 uint32_t ctrmsr; /* counter MSR */ 97 uint32_t ctrmsr; /* counter MSR */
97 uint64_t ctrinitval; /* initial counter value */ 98 uint64_t ctrinitval; /* initial counter value */
98 uint64_t ctrmaxval; /* maximal counter value */ 99 uint64_t ctrmaxval; /* maximal counter value */
99 uint64_t ctrmask; 100 uint64_t ctrmask;
100} pmc_state_t; 101} pmc_state_t;
101 102
102static nmi_handler_t *pmc_nmi_handle; 103static nmi_handler_t *pmc_nmi_handle;
103static uint32_t pmc_lapic_image[MAXCPUS]; 104static uint32_t pmc_lapic_image[MAXCPUS];
104 105
105static x86_pmc_cpuval_t pmc_val_cpus[MAXCPUS] __aligned(CACHE_LINE_SIZE); 106static x86_pmc_cpuval_t pmc_val_cpus[MAXCPUS] __aligned(CACHE_LINE_SIZE);
106static kmutex_t pmc_lock; 107static kmutex_t pmc_lock;
107 108
108static pmc_state_t pmc_state[PMC_NCOUNTERS]; 109static pmc_state_t pmc_state[PMC_NCOUNTERS];
109static uint32_t pmc_ncounters __read_mostly; 110static uint32_t pmc_ncounters __read_mostly;
110static int pmc_type __read_mostly; 111static int pmc_type __read_mostly;
111 112
112static int 113static int
113pmc_nmi(const struct trapframe *tf, void *dummy) 114pmc_nmi(const struct trapframe *tf, void *dummy)
114{ 115{
115 struct cpu_info *ci = curcpu(); 116 struct cpu_info *ci = curcpu();
116 pmc_state_t *pmc; 117 pmc_state_t *pmc;
117 size_t i; 118 size_t i;
118 119
119 if (pmc_type == PMC_TYPE_NONE) { 120 if (pmc_type == PMC_TYPE_NONE) {
120 return 0; 121 return 0;
121 } 122 }
122 for (i = 0; i < pmc_ncounters; i++) { 123 for (i = 0; i < pmc_ncounters; i++) {
123 pmc = &pmc_state[i]; 124 pmc = &pmc_state[i];
124 if (!pmc->running) { 125 if (!pmc->running) {
125 continue; 126 continue;
126 } 127 }
127 /* XXX make sure it really comes from this PMC */ 128 /* XXX make sure it really comes from this PMC */
128 break; 129 break;
129 } 130 }
130 if (i == pmc_ncounters) { 131 if (i == pmc_ncounters) {
131 return 0; 132 return 0;
132 } 133 }
133 134
134 /* Count the overflow, and restart the counter */ 135 /* Count the overflow, and restart the counter */
135 pmc_val_cpus[cpu_index(ci)].overfl++; 136 pmc_val_cpus[cpu_index(ci)].overfl++;
136 wrmsr(pmc->ctrmsr, pmc->ctrinitval); 137 wrmsr(pmc->ctrmsr, pmc->ctrinitval);
137 138
138 return 1; 139 return 1;
139} 140}
140 141
141static void 142static void
142pmc_read_cpu(void *arg1, void *arg2) 143pmc_read_cpu(void *arg1, void *arg2)
143{ 144{
144 pmc_state_t *pmc = (pmc_state_t *)arg1; 145 pmc_state_t *pmc = (pmc_state_t *)arg1;
145 struct cpu_info *ci = curcpu(); 146 struct cpu_info *ci = curcpu();
146 147
147 pmc_val_cpus[cpu_index(ci)].ctrval = 148 pmc_val_cpus[cpu_index(ci)].ctrval =
148 (rdmsr(pmc->ctrmsr) & pmc->ctrmask) - pmc->ctrinitval; 149 (rdmsr(pmc->ctrmsr) & pmc->ctrmask) - pmc->ctrinitval;
149} 150}
150 151
151static void 152static void
152pmc_apply_cpu(void *arg1, void *arg2) 153pmc_apply_cpu(void *arg1, void *arg2)
153{ 154{
154 pmc_state_t *pmc = (pmc_state_t *)arg1; 155 pmc_state_t *pmc = (pmc_state_t *)arg1;
155 bool start = (bool)arg2; 156 bool start = (bool)arg2;
156 struct cpu_info *ci = curcpu(); 157 struct cpu_info *ci = curcpu();
157 158
158 if (start) { 159 if (start) {
159 pmc_lapic_image[cpu_index(ci)] = lapic_readreg(LAPIC_PCINT); 160 pmc_lapic_image[cpu_index(ci)] = lapic_readreg(LAPIC_PCINT);
160 lapic_writereg(LAPIC_PCINT, LAPIC_DLMODE_NMI); 161 lapic_writereg(LAPIC_PCINT, LAPIC_DLMODE_NMI);
161 } 162 }
162 163
163 wrmsr(pmc->ctrmsr, pmc->ctrinitval); 164 wrmsr(pmc->ctrmsr, pmc->ctrinitval);
164 switch (pmc_type) { 165 switch (pmc_type) {
165 case PMC_TYPE_I686: 166 case PMC_TYPE_I686:
166 case PMC_TYPE_K7: 167 case PMC_TYPE_K7:
167 case PMC_TYPE_F10H: 168 case PMC_TYPE_F10H:
168 wrmsr(pmc->evtmsr, pmc->evtval); 169 wrmsr(pmc->evtmsr, pmc->evtval);
169 break; 170 break;
170 } 171 }
171 172
172 pmc_val_cpus[cpu_index(ci)].ctrval = 0; 173 pmc_val_cpus[cpu_index(ci)].ctrval = 0;
173 pmc_val_cpus[cpu_index(ci)].overfl = 0; 174 pmc_val_cpus[cpu_index(ci)].overfl = 0;
174 175
175 if (!start) { 176 if (!start) {
176 lapic_writereg(LAPIC_PCINT, pmc_lapic_image[cpu_index(ci)]); 177 lapic_writereg(LAPIC_PCINT, pmc_lapic_image[cpu_index(ci)]);
177 } 178 }
178} 179}
179 180
180static void 181static void
181pmc_read(pmc_state_t *pmc) 182pmc_read(pmc_state_t *pmc)
182{ 183{
183 uint64_t xc; 184 uint64_t xc;
184 185
185 xc = xc_broadcast(0, pmc_read_cpu, pmc, NULL); 186 xc = xc_broadcast(0, pmc_read_cpu, pmc, NULL);
186 xc_wait(xc); 187 xc_wait(xc);
187} 188}
188 189
189static void 190static void
190pmc_apply(pmc_state_t *pmc, bool start) 191pmc_apply(pmc_state_t *pmc, bool start)
191{ 192{
192 uint64_t xc; 193 uint64_t xc;
193 194
194 xc = xc_broadcast(0, pmc_apply_cpu, pmc, (void *)start); 195 xc = xc_broadcast(0, pmc_apply_cpu, pmc, (void *)start);
195 xc_wait(xc); 196 xc_wait(xc);
196 197
197 pmc->running = start; 198 pmc->running = start;
198} 199}
199 200
200static void 201static void
201pmc_start(pmc_state_t *pmc, struct x86_pmc_startstop_args *args) 202pmc_start(pmc_state_t *pmc, struct x86_pmc_startstop_args *args)
202{ 203{
203 uint64_t event, unit; 204 uint64_t event, unit;
204 205
205 /* 206 /*
206 * Initialize the counter MSR. 207 * Initialize the counter MSR.
207 */ 208 */
208 pmc->ctrinitval = pmc->ctrmaxval - NEVENTS_SAMPLE; 209 pmc->ctrinitval = pmc->ctrmaxval - NEVENTS_SAMPLE;
209 210
210 /* 211 /*
211 * Initialize the event MSR. 212 * Initialize the event MSR.
212 */ 213 */
213 switch (pmc_type) { 214 switch (pmc_type) {
214 case PMC_TYPE_I686: 215 case PMC_TYPE_I686:
215 pmc->evtval = args->event | PMC6_EVTSEL_EN | PMC6_EVTSEL_INT | 216 pmc->evtval = args->event | PMC6_EVTSEL_EN | PMC6_EVTSEL_INT |
216 (args->unit << PMC6_EVTSEL_UNIT_SHIFT) | 217 (args->unit << PMC6_EVTSEL_UNIT_SHIFT) |
217 ((args->flags & PMC_SETUP_KERNEL) ? PMC6_EVTSEL_OS : 0) | 218 ((args->flags & PMC_SETUP_KERNEL) ? PMC6_EVTSEL_OS : 0) |
218 ((args->flags & PMC_SETUP_USER) ? PMC6_EVTSEL_USR : 0) | 219 ((args->flags & PMC_SETUP_USER) ? PMC6_EVTSEL_USR : 0) |
219 ((args->flags & PMC_SETUP_EDGE) ? PMC6_EVTSEL_E : 0) | 220 ((args->flags & PMC_SETUP_EDGE) ? PMC6_EVTSEL_E : 0) |
220 ((args->flags & PMC_SETUP_INV) ? PMC6_EVTSEL_INV : 0) | 221 ((args->flags & PMC_SETUP_INV) ? PMC6_EVTSEL_INV : 0) |
221 (args->compare << PMC6_EVTSEL_COUNTER_MASK_SHIFT); 222 (args->compare << PMC6_EVTSEL_COUNTER_MASK_SHIFT);
222 break; 223 break;
223 224
224 case PMC_TYPE_K7: 225 case PMC_TYPE_K7:
225 event = (args->event & K7_EVTSEL_EVENT); 226 event = (args->event & K7_EVTSEL_EVENT);
226 unit = (args->unit << K7_EVTSEL_UNIT_SHIFT) & 227 unit = (args->unit << K7_EVTSEL_UNIT_SHIFT) &
227 K7_EVTSEL_UNIT; 228 K7_EVTSEL_UNIT;
228 pmc->evtval = event | unit | K7_EVTSEL_EN | K7_EVTSEL_INT | 229 pmc->evtval = event | unit | K7_EVTSEL_EN | K7_EVTSEL_INT |
229 ((args->flags & PMC_SETUP_KERNEL) ? K7_EVTSEL_OS : 0) | 230 ((args->flags & PMC_SETUP_KERNEL) ? K7_EVTSEL_OS : 0) |
230 ((args->flags & PMC_SETUP_USER) ? K7_EVTSEL_USR : 0) | 231 ((args->flags & PMC_SETUP_USER) ? K7_EVTSEL_USR : 0) |
231 ((args->flags & PMC_SETUP_EDGE) ? K7_EVTSEL_E : 0) | 232 ((args->flags & PMC_SETUP_EDGE) ? K7_EVTSEL_E : 0) |
232 ((args->flags & PMC_SETUP_INV) ? K7_EVTSEL_INV : 0) | 233 ((args->flags & PMC_SETUP_INV) ? K7_EVTSEL_INV : 0) |
233 (args->compare << K7_EVTSEL_COUNTER_MASK_SHIFT); 234 (args->compare << K7_EVTSEL_COUNTER_MASK_SHIFT);
234 break; 235 break;
235 236
236 case PMC_TYPE_F10H: 237 case PMC_TYPE_F10H:
237 event = 238 event =
238 ((uint64_t)(args->event & 0x00FF) << 239 ((uint64_t)(args->event & 0x00FF) <<
239 F10H_EVTSEL_EVENT_SHIFT_LOW) | 240 F10H_EVTSEL_EVENT_SHIFT_LOW) |
240 ((uint64_t)(args->event & 0x0F00) << 241 ((uint64_t)(args->event & 0x0F00) <<
241 F10H_EVTSEL_EVENT_SHIFT_HIGH); 242 F10H_EVTSEL_EVENT_SHIFT_HIGH);
242 unit = (args->unit << F10H_EVTSEL_UNIT_SHIFT) & 243 unit = (args->unit << F10H_EVTSEL_UNIT_SHIFT) &
243 F10H_EVTSEL_UNIT_MASK; 244 F10H_EVTSEL_UNIT_MASK;
244 pmc->evtval = event | unit | F10H_EVTSEL_EN | F10H_EVTSEL_INT | 245 pmc->evtval = event | unit | F10H_EVTSEL_EN | F10H_EVTSEL_INT |
245 ((args->flags & PMC_SETUP_KERNEL) ? F10H_EVTSEL_OS : 0) | 246 ((args->flags & PMC_SETUP_KERNEL) ? F10H_EVTSEL_OS : 0) |
246 ((args->flags & PMC_SETUP_USER) ? F10H_EVTSEL_USR : 0) | 247 ((args->flags & PMC_SETUP_USER) ? F10H_EVTSEL_USR : 0) |
247 ((args->flags & PMC_SETUP_EDGE) ? F10H_EVTSEL_EDGE : 0) | 248 ((args->flags & PMC_SETUP_EDGE) ? F10H_EVTSEL_EDGE : 0) |
248 ((args->flags & PMC_SETUP_INV) ? F10H_EVTSEL_INV : 0) | 249 ((args->flags & PMC_SETUP_INV) ? F10H_EVTSEL_INV : 0) |
249 (args->compare << F10H_EVTSEL_COUNTER_MASK_SHIFT); 250 (args->compare << F10H_EVTSEL_COUNTER_MASK_SHIFT);
250 break; 251 break;
251 } 252 }
252 253
253 /* 254 /*
254 * Apply the changes. 255 * Apply the changes.
255 */ 256 */
256 pmc_apply(pmc, true); 257 pmc_apply(pmc, true);
257} 258}
258 259
259static void 260static void
260pmc_stop(pmc_state_t *pmc, struct x86_pmc_startstop_args *args) 261pmc_stop(pmc_state_t *pmc, struct x86_pmc_startstop_args *args)
261{ 262{
262 pmc->evtval = 0; 263 pmc->evtval = 0;
263 pmc->ctrinitval = 0; 264 pmc->ctrinitval = 0;
264 pmc_apply(pmc, false); 265 pmc_apply(pmc, false);
265} 266}
266 267
267void 268void
268pmc_init(void) 269pmc_init(void)
269{ 270{
270 const char *cpu_vendorstr; 271 const char *cpu_vendorstr;
271 struct cpu_info *ci; 272 struct cpu_info *ci;
272 size_t i; 273 size_t i;
273 274
274 pmc_type = PMC_TYPE_NONE; 275 pmc_type = PMC_TYPE_NONE;
275 276
276 if (cpu_class != CPUCLASS_686) 277 if (cpu_class != CPUCLASS_686)
277 return; 278 return;
278 279
279 ci = curcpu(); 280 ci = curcpu();
280 cpu_vendorstr = (char *)ci->ci_vendor; 281 cpu_vendorstr = (char *)ci->ci_vendor;
281 282
282 if (strncmp(cpu_vendorstr, "GenuineIntel", 12) == 0) { 283 if (strncmp(cpu_vendorstr, "GenuineIntel", 12) == 0) {
283 /* Right now we're missing Pentium 4 support. */ 284 /* Right now we're missing Pentium 4 support. */
284 if (cpuid_level == -1 || 285 if (cpuid_level == -1 ||
285 CPUID_TO_FAMILY(ci->ci_signature) == CPU_FAMILY_P4) 286 CPUID_TO_FAMILY(ci->ci_signature) == CPU_FAMILY_P4)
286 return; 287 return;
287 pmc_type = PMC_TYPE_I686; 288 pmc_type = PMC_TYPE_I686;
288 pmc_ncounters = 2; 289 pmc_ncounters = 2;
289 for (i = 0; i < pmc_ncounters; i++) { 290 for (i = 0; i < pmc_ncounters; i++) {
290 pmc_state[i].evtmsr = MSR_EVNTSEL0 + i; 291 pmc_state[i].evtmsr = MSR_EVNTSEL0 + i;
291 pmc_state[i].ctrmsr = MSR_PERFCTR0 + i; 292 pmc_state[i].ctrmsr = MSR_PERFCTR0 + i;
292 pmc_state[i].ctrmaxval = (UINT64_C(1) << 40) - 1; 293 pmc_state[i].ctrmaxval = (UINT64_C(1) << 40) - 1;
293 pmc_state[i].ctrmask = 0xFFFFFFFFFFULL; 294 pmc_state[i].ctrmask = 0xFFFFFFFFFFULL;
294 } 295 }
295 } else if (strncmp(cpu_vendorstr, "AuthenticAMD", 12) == 0) { 296 } else if (strncmp(cpu_vendorstr, "AuthenticAMD", 12) == 0) {
296 if (CPUID_TO_FAMILY(ci->ci_signature) == 0x10) { 297 if (CPUID_TO_FAMILY(ci->ci_signature) == 0x10) {
297 pmc_type = PMC_TYPE_F10H; 298 pmc_type = PMC_TYPE_F10H;
298 pmc_ncounters = 4; 299 pmc_ncounters = 4;
299 for (i = 0; i < pmc_ncounters; i++) { 300 for (i = 0; i < pmc_ncounters; i++) {
300 pmc_state[i].evtmsr = MSR_F10H_EVNTSEL0 + i; 301 pmc_state[i].evtmsr = MSR_F10H_EVNTSEL0 + i;
301 pmc_state[i].ctrmsr = MSR_F10H_PERFCTR0 + i; 302 pmc_state[i].ctrmsr = MSR_F10H_PERFCTR0 + i;
302 pmc_state[i].ctrmaxval = 303 pmc_state[i].ctrmaxval =
303 (UINT64_C(1) << 48) - 1; 304 (UINT64_C(1) << 48) - 1;
304 pmc_state[i].ctrmask = 0xFFFFFFFFFFFFULL; 305 pmc_state[i].ctrmask = 0xFFFFFFFFFFFFULL;
305 } 306 }
306 } else { 307 } else {
307 /* XXX: make sure it is at least K7 */ 308 /* XXX: make sure it is at least K7 */
308 pmc_type = PMC_TYPE_K7; 309 pmc_type = PMC_TYPE_K7;
309 pmc_ncounters = 4; 310 pmc_ncounters = 4;
310 for (i = 0; i < pmc_ncounters; i++) { 311 for (i = 0; i < pmc_ncounters; i++) {
311 pmc_state[i].evtmsr = MSR_K7_EVNTSEL0 + i; 312 pmc_state[i].evtmsr = MSR_K7_EVNTSEL0 + i;
312 pmc_state[i].ctrmsr = MSR_K7_PERFCTR0 + i; 313 pmc_state[i].ctrmsr = MSR_K7_PERFCTR0 + i;
313 pmc_state[i].ctrmaxval = 314 pmc_state[i].ctrmaxval =
314 (UINT64_C(1) << 48) - 1; 315 (UINT64_C(1) << 48) - 1;
315 pmc_state[i].ctrmask = 0xFFFFFFFFFFFFULL; 316 pmc_state[i].ctrmask = 0xFFFFFFFFFFFFULL;
316 } 317 }
317 } 318 }
318 } 319 }
319 320
320 pmc_nmi_handle = nmi_establish(pmc_nmi, NULL); 321 pmc_nmi_handle = nmi_establish(pmc_nmi, NULL);
321 mutex_init(&pmc_lock, MUTEX_DEFAULT, IPL_NONE); 322 mutex_init(&pmc_lock, MUTEX_DEFAULT, IPL_NONE);
322} 323}
323 324
324int 325int
325sys_pmc_info(struct lwp *l, struct x86_pmc_info_args *uargs, register_t *retval) 326sys_pmc_info(struct lwp *l, struct x86_pmc_info_args *uargs, register_t *retval)
326{ 327{
327 struct x86_pmc_info_args rv; 328 struct x86_pmc_info_args rv;
 329 int error;
 330
 331 error = kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_X86PMC,
 332 NULL, NULL, NULL, NULL);
 333 if (error)
 334 return error;
328 335
329 memset(&rv, 0, sizeof(rv)); 336 memset(&rv, 0, sizeof(rv));
330 337
331 rv.vers = PMC_VERSION; 338 rv.vers = PMC_VERSION;
332 rv.type = pmc_type; 339 rv.type = pmc_type;
333 rv.nctrs = pmc_ncounters; 340 rv.nctrs = pmc_ncounters;
334 341
335 return copyout(&rv, uargs, sizeof(rv)); 342 return copyout(&rv, uargs, sizeof(rv));
336} 343}
337 344
338int 345int
339sys_pmc_startstop(struct lwp *l, struct x86_pmc_startstop_args *uargs, 346sys_pmc_startstop(struct lwp *l, struct x86_pmc_startstop_args *uargs,
340 register_t *retval) 347 register_t *retval)
341{ 348{
342 struct x86_pmc_startstop_args args; 349 struct x86_pmc_startstop_args args;
343 pmc_state_t *pmc; 350 pmc_state_t *pmc;
344 bool start; 351 bool start;
345 int error; 352 int error;
346 353
 354 error = kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_X86PMC,
 355 NULL, NULL, NULL, NULL);
 356 if (error)
 357 return error;
 358
347 if (pmc_type == PMC_TYPE_NONE) 359 if (pmc_type == PMC_TYPE_NONE)
348 return ENODEV; 360 return ENODEV;
349 361
350 error = copyin(uargs, &args, sizeof(args)); 362 error = copyin(uargs, &args, sizeof(args));
351 if (error) 363 if (error)
352 return error; 364 return error;
353 365
354 if (args.counter >= pmc_ncounters) 366 if (args.counter >= pmc_ncounters)
355 return EINVAL; 367 return EINVAL;
356 368
357 start = (args.flags & (PMC_SETUP_KERNEL|PMC_SETUP_USER)) != 0; 369 start = (args.flags & (PMC_SETUP_KERNEL|PMC_SETUP_USER)) != 0;
358 pmc = &pmc_state[args.counter]; 370 pmc = &pmc_state[args.counter];
359 371
360 mutex_enter(&pmc_lock); 372 mutex_enter(&pmc_lock);
361 373
362 if (start && pmc->running) { 374 if (start && pmc->running) {
363 mutex_exit(&pmc_lock); 375 mutex_exit(&pmc_lock);
364 return EBUSY; 376 return EBUSY;
365 } else if (!start && !pmc->running) { 377 } else if (!start && !pmc->running) {
366 mutex_exit(&pmc_lock); 378 mutex_exit(&pmc_lock);
367 return 0; 379 return 0;
368 } 380 }
369 381
370 if (start) { 382 if (start) {
371 pmc_start(pmc, &args); 383 pmc_start(pmc, &args);
372 } else { 384 } else {
373 pmc_stop(pmc, &args); 385 pmc_stop(pmc, &args);
374 } 386 }
375 387
376 mutex_exit(&pmc_lock); 388 mutex_exit(&pmc_lock);
377 389
378 return 0; 390 return 0;
379} 391}
380 392
381int 393int
382sys_pmc_read(struct lwp *l, struct x86_pmc_read_args *uargs, register_t *retval) 394sys_pmc_read(struct lwp *l, struct x86_pmc_read_args *uargs, register_t *retval)
383{ 395{
384 struct x86_pmc_read_args args; 396 struct x86_pmc_read_args args;
385 pmc_state_t *pmc; 397 pmc_state_t *pmc;
386 size_t nval; 398 size_t nval;
387 int error; 399 int error;
388 400
 401 error = kauth_authorize_machdep(l->l_cred, KAUTH_MACHDEP_X86PMC,
 402 NULL, NULL, NULL, NULL);
 403 if (error)
 404 return error;
 405
389 if (pmc_type == PMC_TYPE_NONE) 406 if (pmc_type == PMC_TYPE_NONE)
390 return ENODEV; 407 return ENODEV;
391 408
392 error = copyin(uargs, &args, sizeof(args)); 409 error = copyin(uargs, &args, sizeof(args));
393 if (error) 410 if (error)
394 return error; 411 return error;
395 412
396 if (args.counter >= pmc_ncounters) 413 if (args.counter >= pmc_ncounters)
397 return EINVAL; 414 return EINVAL;
398 if (args.values == NULL) 415 if (args.values == NULL)
399 return EINVAL; 416 return EINVAL;
400 nval = MIN(ncpu, args.nval); 417 nval = MIN(ncpu, args.nval);
401 418
402 pmc = &pmc_state[args.counter]; 419 pmc = &pmc_state[args.counter];
403 420
404 mutex_enter(&pmc_lock); 421 mutex_enter(&pmc_lock);
405 422
406 if (pmc->running) { 423 if (pmc->running) {
407 pmc_read(pmc); 424 pmc_read(pmc);
408 error = copyout(&pmc_val_cpus, args.values, 425 error = copyout(&pmc_val_cpus, args.values,
409 nval * sizeof(x86_pmc_cpuval_t)); 426 nval * sizeof(x86_pmc_cpuval_t));
410 args.nval = nval; 427 args.nval = nval;
411 } else { 428 } else {
412 error = ENOENT; 429 error = ENOENT;
413 } 430 }
414 431
415 mutex_exit(&pmc_lock); 432 mutex_exit(&pmc_lock);
416 433
417 if (error) 434 if (error)
418 return error; 435 return error;
419 436
420 return copyout(&args, uargs, sizeof(args)); 437 return copyout(&args, uargs, sizeof(args));
421} 438}
cvs diff -r1.42 -r1.43 src/sys/secmodel/suser/secmodel_suser.c (switch to unified diff)

--- src/sys/secmodel/suser/secmodel_suser.c 2015/08/17 06:16:03 1.42
+++ src/sys/secmodel/suser/secmodel_suser.c 2017/06/14 17:48:41 1.43
@@ -1,956 +1,957 @@ @@ -1,956 +1,957 @@
1/* $NetBSD: secmodel_suser.c,v 1.42 2015/08/17 06:16:03 knakahara Exp $ */ 1/* $NetBSD: secmodel_suser.c,v 1.43 2017/06/14 17:48:41 maxv Exp $ */
2/*- 2/*-
3 * Copyright (c) 2006 Elad Efrat <elad@NetBSD.org> 3 * Copyright (c) 2006 Elad Efrat <elad@NetBSD.org>
4 * All rights reserved. 4 * All rights reserved.
5 * 5 *
6 * Redistribution and use in source and binary forms, with or without 6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions 7 * modification, are permitted provided that the following conditions
8 * are met: 8 * are met:
9 * 1. Redistributions of source code must retain the above copyright 9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer. 10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright 11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the 12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution. 13 * documentation and/or other materials provided with the distribution.
14 * 3. The name of the author may not be used to endorse or promote products 14 * 3. The name of the author may not be used to endorse or promote products
15 * derived from this software without specific prior written permission. 15 * derived from this software without specific prior written permission.
16 * 16 *
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
18 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 18 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
19 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 19 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
20 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 20 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
21 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 21 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
22 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 22 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
23 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 23 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
24 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 24 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
25 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 25 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
26 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 26 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 */ 27 */
28 28
29/* 29/*
30 * This file contains kauth(9) listeners needed to implement the traditional 30 * This file contains kauth(9) listeners needed to implement the traditional
31 * NetBSD superuser access restrictions. 31 * NetBSD superuser access restrictions.
32 * 32 *
33 * There are two main resources a request can be issued to: user-owned and 33 * There are two main resources a request can be issued to: user-owned and
34 * system owned. For the first, traditional Unix access checks are done, as 34 * system owned. For the first, traditional Unix access checks are done, as
35 * well as superuser checks. If needed, the request context is examined before 35 * well as superuser checks. If needed, the request context is examined before
36 * a decision is made. For the latter, usually only superuser checks are done 36 * a decision is made. For the latter, usually only superuser checks are done
37 * as normal users are not allowed to access system resources. 37 * as normal users are not allowed to access system resources.
38 */ 38 */
39 39
40#include <sys/cdefs.h> 40#include <sys/cdefs.h>
41__KERNEL_RCSID(0, "$NetBSD: secmodel_suser.c,v 1.42 2015/08/17 06:16:03 knakahara Exp $"); 41__KERNEL_RCSID(0, "$NetBSD: secmodel_suser.c,v 1.43 2017/06/14 17:48:41 maxv Exp $");
42 42
43#include <sys/types.h> 43#include <sys/types.h>
44#include <sys/param.h> 44#include <sys/param.h>
45#include <sys/kauth.h> 45#include <sys/kauth.h>
46 46
47#include <sys/mutex.h> 47#include <sys/mutex.h>
48#include <sys/mount.h> 48#include <sys/mount.h>
49#include <sys/socketvar.h> 49#include <sys/socketvar.h>
50#include <sys/sysctl.h> 50#include <sys/sysctl.h>
51#include <sys/vnode.h> 51#include <sys/vnode.h>
52#include <sys/proc.h> 52#include <sys/proc.h>
53#include <sys/module.h> 53#include <sys/module.h>
54 54
55#include <secmodel/secmodel.h> 55#include <secmodel/secmodel.h>
56#include <secmodel/suser/suser.h> 56#include <secmodel/suser/suser.h>
57 57
58MODULE(MODULE_CLASS_SECMODEL, suser, NULL); 58MODULE(MODULE_CLASS_SECMODEL, suser, NULL);
59 59
60static kauth_listener_t l_generic, l_system, l_process, l_network, l_machdep, 60static kauth_listener_t l_generic, l_system, l_process, l_network, l_machdep,
61 l_device, l_vnode; 61 l_device, l_vnode;
62 62
63static secmodel_t suser_sm; 63static secmodel_t suser_sm;
64static struct sysctllog *suser_sysctl_log; 64static struct sysctllog *suser_sysctl_log;
65 65
66void 66void
67sysctl_security_suser_setup(struct sysctllog **clog) 67sysctl_security_suser_setup(struct sysctllog **clog)
68{ 68{
69 const struct sysctlnode *rnode; 69 const struct sysctlnode *rnode;
70 70
71 sysctl_createv(clog, 0, NULL, &rnode, 71 sysctl_createv(clog, 0, NULL, &rnode,
72 CTLFLAG_PERMANENT, 72 CTLFLAG_PERMANENT,
73 CTLTYPE_NODE, "models", NULL, 73 CTLTYPE_NODE, "models", NULL,
74 NULL, 0, NULL, 0, 74 NULL, 0, NULL, 0,
75 CTL_SECURITY, CTL_CREATE, CTL_EOL); 75 CTL_SECURITY, CTL_CREATE, CTL_EOL);
76 76
77 sysctl_createv(clog, 0, &rnode, &rnode, 77 sysctl_createv(clog, 0, &rnode, &rnode,
78 CTLFLAG_PERMANENT, 78 CTLFLAG_PERMANENT,
79 CTLTYPE_NODE, "suser", NULL, 79 CTLTYPE_NODE, "suser", NULL,
80 NULL, 0, NULL, 0, 80 NULL, 0, NULL, 0,
81 CTL_CREATE, CTL_EOL); 81 CTL_CREATE, CTL_EOL);
82 82
83 sysctl_createv(clog, 0, &rnode, NULL, 83 sysctl_createv(clog, 0, &rnode, NULL,
84 CTLFLAG_PERMANENT, 84 CTLFLAG_PERMANENT,
85 CTLTYPE_STRING, "name", NULL, 85 CTLTYPE_STRING, "name", NULL,
86 NULL, 0, __UNCONST(SECMODEL_SUSER_NAME), 0, 86 NULL, 0, __UNCONST(SECMODEL_SUSER_NAME), 0,
87 CTL_CREATE, CTL_EOL); 87 CTL_CREATE, CTL_EOL);
88} 88}
89 89
90void 90void
91secmodel_suser_init(void) 91secmodel_suser_init(void)
92{ 92{
93 93
94} 94}
95 95
96void 96void
97secmodel_suser_start(void) 97secmodel_suser_start(void)
98{ 98{
99 l_generic = kauth_listen_scope(KAUTH_SCOPE_GENERIC, 99 l_generic = kauth_listen_scope(KAUTH_SCOPE_GENERIC,
100 secmodel_suser_generic_cb, NULL); 100 secmodel_suser_generic_cb, NULL);
101 l_system = kauth_listen_scope(KAUTH_SCOPE_SYSTEM, 101 l_system = kauth_listen_scope(KAUTH_SCOPE_SYSTEM,
102 secmodel_suser_system_cb, NULL); 102 secmodel_suser_system_cb, NULL);
103 l_process = kauth_listen_scope(KAUTH_SCOPE_PROCESS, 103 l_process = kauth_listen_scope(KAUTH_SCOPE_PROCESS,
104 secmodel_suser_process_cb, NULL); 104 secmodel_suser_process_cb, NULL);
105 l_network = kauth_listen_scope(KAUTH_SCOPE_NETWORK, 105 l_network = kauth_listen_scope(KAUTH_SCOPE_NETWORK,
106 secmodel_suser_network_cb, NULL); 106 secmodel_suser_network_cb, NULL);
107 l_machdep = kauth_listen_scope(KAUTH_SCOPE_MACHDEP, 107 l_machdep = kauth_listen_scope(KAUTH_SCOPE_MACHDEP,
108 secmodel_suser_machdep_cb, NULL); 108 secmodel_suser_machdep_cb, NULL);
109 l_device = kauth_listen_scope(KAUTH_SCOPE_DEVICE, 109 l_device = kauth_listen_scope(KAUTH_SCOPE_DEVICE,
110 secmodel_suser_device_cb, NULL); 110 secmodel_suser_device_cb, NULL);
111 l_vnode = kauth_listen_scope(KAUTH_SCOPE_VNODE, 111 l_vnode = kauth_listen_scope(KAUTH_SCOPE_VNODE,
112 secmodel_suser_vnode_cb, NULL); 112 secmodel_suser_vnode_cb, NULL);
113} 113}
114 114
115void 115void
116secmodel_suser_stop(void) 116secmodel_suser_stop(void)
117{ 117{
118 kauth_unlisten_scope(l_generic); 118 kauth_unlisten_scope(l_generic);
119 kauth_unlisten_scope(l_system); 119 kauth_unlisten_scope(l_system);
120 kauth_unlisten_scope(l_process); 120 kauth_unlisten_scope(l_process);
121 kauth_unlisten_scope(l_network); 121 kauth_unlisten_scope(l_network);
122 kauth_unlisten_scope(l_machdep); 122 kauth_unlisten_scope(l_machdep);
123 kauth_unlisten_scope(l_device); 123 kauth_unlisten_scope(l_device);
124 kauth_unlisten_scope(l_vnode); 124 kauth_unlisten_scope(l_vnode);
125} 125}
126 126
127static bool 127static bool
128suser_isroot(kauth_cred_t cred) 128suser_isroot(kauth_cred_t cred)
129{ 129{
130 return kauth_cred_geteuid(cred) == 0; 130 return kauth_cred_geteuid(cred) == 0;
131} 131}
132 132
133static int 133static int
134suser_eval(const char *what, void *arg, void *ret) 134suser_eval(const char *what, void *arg, void *ret)
135{ 135{
136 int error = 0; 136 int error = 0;
137 137
138 if (strcasecmp(what, "is-root") == 0) { 138 if (strcasecmp(what, "is-root") == 0) {
139 kauth_cred_t cred = arg; 139 kauth_cred_t cred = arg;
140 bool *bp = ret; 140 bool *bp = ret;
141 141
142 *bp = suser_isroot(cred); 142 *bp = suser_isroot(cred);
143 } else { 143 } else {
144 error = ENOENT; 144 error = ENOENT;
145 } 145 }
146 146
147 return error; 147 return error;
148} 148}
149 149
150static int 150static int
151suser_modcmd(modcmd_t cmd, void *arg) 151suser_modcmd(modcmd_t cmd, void *arg)
152{ 152{
153 int error = 0; 153 int error = 0;
154 154
155 switch (cmd) { 155 switch (cmd) {
156 case MODULE_CMD_INIT: 156 case MODULE_CMD_INIT:
157 error = secmodel_register(&suser_sm, 157 error = secmodel_register(&suser_sm,
158 SECMODEL_SUSER_ID, SECMODEL_SUSER_NAME, 158 SECMODEL_SUSER_ID, SECMODEL_SUSER_NAME,
159 NULL, suser_eval, NULL); 159 NULL, suser_eval, NULL);
160 if (error != 0) 160 if (error != 0)
161 printf("suser_modcmd::init: secmodel_register " 161 printf("suser_modcmd::init: secmodel_register "
162 "returned %d\n", error); 162 "returned %d\n", error);
163 163
164 secmodel_suser_init(); 164 secmodel_suser_init();
165 secmodel_suser_start(); 165 secmodel_suser_start();
166 sysctl_security_suser_setup(&suser_sysctl_log); 166 sysctl_security_suser_setup(&suser_sysctl_log);
167 break; 167 break;
168 168
169 case MODULE_CMD_FINI: 169 case MODULE_CMD_FINI:
170 sysctl_teardown(&suser_sysctl_log); 170 sysctl_teardown(&suser_sysctl_log);
171 secmodel_suser_stop(); 171 secmodel_suser_stop();
172 172
173 error = secmodel_deregister(suser_sm); 173 error = secmodel_deregister(suser_sm);
174 if (error != 0) 174 if (error != 0)
175 printf("suser_modcmd::fini: secmodel_deregister " 175 printf("suser_modcmd::fini: secmodel_deregister "
176 "returned %d\n", error); 176 "returned %d\n", error);
177 177
178 break; 178 break;
179 179
180 case MODULE_CMD_AUTOUNLOAD: 180 case MODULE_CMD_AUTOUNLOAD:
181 error = EPERM; 181 error = EPERM;
182 break; 182 break;
183 183
184 default: 184 default:
185 error = ENOTTY; 185 error = ENOTTY;
186 break; 186 break;
187 } 187 }
188 188
189 return (error); 189 return (error);
190} 190}
191 191
192/* 192/*
193 * kauth(9) listener 193 * kauth(9) listener
194 * 194 *
195 * Security model: Traditional NetBSD 195 * Security model: Traditional NetBSD
196 * Scope: Generic 196 * Scope: Generic
197 * Responsibility: Superuser access 197 * Responsibility: Superuser access
198 */ 198 */
199int 199int
200secmodel_suser_generic_cb(kauth_cred_t cred, kauth_action_t action, 200secmodel_suser_generic_cb(kauth_cred_t cred, kauth_action_t action,
201 void *cookie, void *arg0, void *arg1, void *arg2, void *arg3) 201 void *cookie, void *arg0, void *arg1, void *arg2, void *arg3)
202{ 202{
203 bool isroot; 203 bool isroot;
204 int result; 204 int result;
205 205
206 isroot = suser_isroot(cred); 206 isroot = suser_isroot(cred);
207 result = KAUTH_RESULT_DEFER; 207 result = KAUTH_RESULT_DEFER;
208 208
209 switch (action) { 209 switch (action) {
210 case KAUTH_GENERIC_ISSUSER: 210 case KAUTH_GENERIC_ISSUSER:
211 if (isroot) 211 if (isroot)
212 result = KAUTH_RESULT_ALLOW; 212 result = KAUTH_RESULT_ALLOW;
213 break; 213 break;
214 214
215 default: 215 default:
216 break; 216 break;
217 } 217 }
218 218
219 return (result); 219 return (result);
220} 220}
221 221
222/* 222/*
223 * kauth(9) listener 223 * kauth(9) listener
224 * 224 *
225 * Security model: Traditional NetBSD 225 * Security model: Traditional NetBSD
226 * Scope: System 226 * Scope: System
227 * Responsibility: Superuser access 227 * Responsibility: Superuser access
228 */ 228 */
229int 229int
230secmodel_suser_system_cb(kauth_cred_t cred, kauth_action_t action, 230secmodel_suser_system_cb(kauth_cred_t cred, kauth_action_t action,
231 void *cookie, void *arg0, void *arg1, void *arg2, void *arg3) 231 void *cookie, void *arg0, void *arg1, void *arg2, void *arg3)
232{ 232{
233 bool isroot; 233 bool isroot;
234 int result; 234 int result;
235 enum kauth_system_req req; 235 enum kauth_system_req req;
236 236
237 isroot = suser_isroot(cred); 237 isroot = suser_isroot(cred);
238 result = KAUTH_RESULT_DEFER; 238 result = KAUTH_RESULT_DEFER;
239 req = (enum kauth_system_req)arg0; 239 req = (enum kauth_system_req)arg0;
240 240
241 switch (action) { 241 switch (action) {
242 case KAUTH_SYSTEM_CPU: 242 case KAUTH_SYSTEM_CPU:
243 switch (req) { 243 switch (req) {
244 case KAUTH_REQ_SYSTEM_CPU_SETSTATE: 244 case KAUTH_REQ_SYSTEM_CPU_SETSTATE:
245 if (isroot) 245 if (isroot)
246 result = KAUTH_RESULT_ALLOW; 246 result = KAUTH_RESULT_ALLOW;
247 247
248 break; 248 break;
249 249
250 default: 250 default:
251 break; 251 break;
252 } 252 }
253 253
254 break; 254 break;
255 255
256 case KAUTH_SYSTEM_DEVMAPPER: 256 case KAUTH_SYSTEM_DEVMAPPER:
257 if (isroot) 257 if (isroot)
258 result = KAUTH_RESULT_ALLOW; 258 result = KAUTH_RESULT_ALLOW;
259 259
260 break; 260 break;
261 261
262 case KAUTH_SYSTEM_FS_QUOTA: 262 case KAUTH_SYSTEM_FS_QUOTA:
263 switch (req) { 263 switch (req) {
264 case KAUTH_REQ_SYSTEM_FS_QUOTA_GET: 264 case KAUTH_REQ_SYSTEM_FS_QUOTA_GET:
265 case KAUTH_REQ_SYSTEM_FS_QUOTA_ONOFF: 265 case KAUTH_REQ_SYSTEM_FS_QUOTA_ONOFF:
266 case KAUTH_REQ_SYSTEM_FS_QUOTA_MANAGE: 266 case KAUTH_REQ_SYSTEM_FS_QUOTA_MANAGE:
267 case KAUTH_REQ_SYSTEM_FS_QUOTA_NOLIMIT: 267 case KAUTH_REQ_SYSTEM_FS_QUOTA_NOLIMIT:
268 if (isroot) 268 if (isroot)
269 result = KAUTH_RESULT_ALLOW; 269 result = KAUTH_RESULT_ALLOW;
270 break; 270 break;
271 271
272 default: 272 default:
273 break; 273 break;
274 } 274 }
275 275
276 break; 276 break;
277 277
278 case KAUTH_SYSTEM_SYSVIPC: 278 case KAUTH_SYSTEM_SYSVIPC:
279 switch (req) { 279 switch (req) {
280 case KAUTH_REQ_SYSTEM_SYSVIPC_BYPASS: 280 case KAUTH_REQ_SYSTEM_SYSVIPC_BYPASS:
281 case KAUTH_REQ_SYSTEM_SYSVIPC_SHM_LOCK: 281 case KAUTH_REQ_SYSTEM_SYSVIPC_SHM_LOCK:
282 case KAUTH_REQ_SYSTEM_SYSVIPC_SHM_UNLOCK: 282 case KAUTH_REQ_SYSTEM_SYSVIPC_SHM_UNLOCK:
283 case KAUTH_REQ_SYSTEM_SYSVIPC_MSGQ_OVERSIZE: 283 case KAUTH_REQ_SYSTEM_SYSVIPC_MSGQ_OVERSIZE:
284 if (isroot) 284 if (isroot)
285 result = KAUTH_RESULT_ALLOW; 285 result = KAUTH_RESULT_ALLOW;
286 286
287 break; 287 break;
288 288
289 default: 289 default:
290 break; 290 break;
291 } 291 }
292 292
293 break; 293 break;
294 294
295 case KAUTH_SYSTEM_MOUNT: 295 case KAUTH_SYSTEM_MOUNT:
296 switch (req) { 296 switch (req) {
297 case KAUTH_REQ_SYSTEM_MOUNT_DEVICE: 297 case KAUTH_REQ_SYSTEM_MOUNT_DEVICE:
298 case KAUTH_REQ_SYSTEM_MOUNT_GET: 298 case KAUTH_REQ_SYSTEM_MOUNT_GET:
299 case KAUTH_REQ_SYSTEM_MOUNT_NEW: 299 case KAUTH_REQ_SYSTEM_MOUNT_NEW:
300 case KAUTH_REQ_SYSTEM_MOUNT_UNMOUNT: 300 case KAUTH_REQ_SYSTEM_MOUNT_UNMOUNT:
301 case KAUTH_REQ_SYSTEM_MOUNT_UPDATE: 301 case KAUTH_REQ_SYSTEM_MOUNT_UPDATE:
302 case KAUTH_REQ_SYSTEM_MOUNT_UMAP: 302 case KAUTH_REQ_SYSTEM_MOUNT_UMAP:
303 if (isroot) { 303 if (isroot) {
304 result = KAUTH_RESULT_ALLOW; 304 result = KAUTH_RESULT_ALLOW;
305 break; 305 break;
306 } 306 }
307 307
308 break; 308 break;
309 309
310 default: 310 default:
311 break; 311 break;
312 } 312 }
313 313
314 break; 314 break;
315 315
316 case KAUTH_SYSTEM_MQUEUE: 316 case KAUTH_SYSTEM_MQUEUE:
317 if (isroot) 317 if (isroot)
318 result = KAUTH_RESULT_ALLOW; 318 result = KAUTH_RESULT_ALLOW;
319 319
320 break; 320 break;
321 321
322 case KAUTH_SYSTEM_PSET: 322 case KAUTH_SYSTEM_PSET:
323 switch (req) { 323 switch (req) {
324 case KAUTH_REQ_SYSTEM_PSET_ASSIGN: 324 case KAUTH_REQ_SYSTEM_PSET_ASSIGN:
325 case KAUTH_REQ_SYSTEM_PSET_BIND: 325 case KAUTH_REQ_SYSTEM_PSET_BIND:
326 case KAUTH_REQ_SYSTEM_PSET_CREATE: 326 case KAUTH_REQ_SYSTEM_PSET_CREATE:
327 case KAUTH_REQ_SYSTEM_PSET_DESTROY: 327 case KAUTH_REQ_SYSTEM_PSET_DESTROY:
328 if (isroot) 328 if (isroot)
329 result = KAUTH_RESULT_ALLOW; 329 result = KAUTH_RESULT_ALLOW;
330 330
331 break; 331 break;
332 332
333 default: 333 default:
334 break; 334 break;
335 } 335 }
336 336
337 break; 337 break;
338 338
339 case KAUTH_SYSTEM_TIME: 339 case KAUTH_SYSTEM_TIME:
340 switch (req) { 340 switch (req) {
341 case KAUTH_REQ_SYSTEM_TIME_ADJTIME: 341 case KAUTH_REQ_SYSTEM_TIME_ADJTIME:
342 case KAUTH_REQ_SYSTEM_TIME_NTPADJTIME: 342 case KAUTH_REQ_SYSTEM_TIME_NTPADJTIME:
343 case KAUTH_REQ_SYSTEM_TIME_TIMECOUNTERS: 343 case KAUTH_REQ_SYSTEM_TIME_TIMECOUNTERS:
344 case KAUTH_REQ_SYSTEM_TIME_SYSTEM: 344 case KAUTH_REQ_SYSTEM_TIME_SYSTEM:
345 case KAUTH_REQ_SYSTEM_TIME_RTCOFFSET: 345 case KAUTH_REQ_SYSTEM_TIME_RTCOFFSET:
346 if (isroot) 346 if (isroot)
347 result = KAUTH_RESULT_ALLOW; 347 result = KAUTH_RESULT_ALLOW;
348 break; 348 break;
349 349
350 default: 350 default:
351 break; 351 break;
352 } 352 }
353 break; 353 break;
354 354
355 case KAUTH_SYSTEM_SEMAPHORE: 355 case KAUTH_SYSTEM_SEMAPHORE:
356 if (isroot) 356 if (isroot)
357 result = KAUTH_RESULT_ALLOW; 357 result = KAUTH_RESULT_ALLOW;
358 358
359 break; 359 break;
360 360
361 case KAUTH_SYSTEM_SYSCTL: 361 case KAUTH_SYSTEM_SYSCTL:
362 switch (req) { 362 switch (req) {
363 case KAUTH_REQ_SYSTEM_SYSCTL_ADD: 363 case KAUTH_REQ_SYSTEM_SYSCTL_ADD:
364 case KAUTH_REQ_SYSTEM_SYSCTL_DELETE: 364 case KAUTH_REQ_SYSTEM_SYSCTL_DELETE:
365 case KAUTH_REQ_SYSTEM_SYSCTL_DESC: 365 case KAUTH_REQ_SYSTEM_SYSCTL_DESC:
366 case KAUTH_REQ_SYSTEM_SYSCTL_MODIFY: 366 case KAUTH_REQ_SYSTEM_SYSCTL_MODIFY:
367 case KAUTH_REQ_SYSTEM_SYSCTL_PRVT: 367 case KAUTH_REQ_SYSTEM_SYSCTL_PRVT:
368 if (isroot) 368 if (isroot)
369 result = KAUTH_RESULT_ALLOW; 369 result = KAUTH_RESULT_ALLOW;
370 break; 370 break;
371 371
372 default: 372 default:
373 break; 373 break;
374 } 374 }
375 375
376 break; 376 break;
377 377
378 case KAUTH_SYSTEM_SWAPCTL: 378 case KAUTH_SYSTEM_SWAPCTL:
379 case KAUTH_SYSTEM_ACCOUNTING: 379 case KAUTH_SYSTEM_ACCOUNTING:
380 case KAUTH_SYSTEM_REBOOT: 380 case KAUTH_SYSTEM_REBOOT:
381 case KAUTH_SYSTEM_CHROOT: 381 case KAUTH_SYSTEM_CHROOT:
382 case KAUTH_SYSTEM_FILEHANDLE: 382 case KAUTH_SYSTEM_FILEHANDLE:
383 case KAUTH_SYSTEM_MKNOD: 383 case KAUTH_SYSTEM_MKNOD:
384 case KAUTH_SYSTEM_SETIDCORE: 384 case KAUTH_SYSTEM_SETIDCORE:
385 case KAUTH_SYSTEM_MODULE: 385 case KAUTH_SYSTEM_MODULE:
386 case KAUTH_SYSTEM_FS_RESERVEDSPACE: 386 case KAUTH_SYSTEM_FS_RESERVEDSPACE:
387 case KAUTH_SYSTEM_MAP_VA_ZERO: 387 case KAUTH_SYSTEM_MAP_VA_ZERO:
388 case KAUTH_SYSTEM_FS_EXTATTR: 388 case KAUTH_SYSTEM_FS_EXTATTR:
389 case KAUTH_SYSTEM_FS_SNAPSHOT: 389 case KAUTH_SYSTEM_FS_SNAPSHOT:
390 if (isroot) 390 if (isroot)
391 result = KAUTH_RESULT_ALLOW; 391 result = KAUTH_RESULT_ALLOW;
392 break; 392 break;
393 393
394 case KAUTH_SYSTEM_DEBUG: 394 case KAUTH_SYSTEM_DEBUG:
395 switch (req) { 395 switch (req) {
396 case KAUTH_REQ_SYSTEM_DEBUG_IPKDB: 396 case KAUTH_REQ_SYSTEM_DEBUG_IPKDB:
397 if (isroot) 397 if (isroot)
398 result = KAUTH_RESULT_ALLOW; 398 result = KAUTH_RESULT_ALLOW;
399 399
400 break; 400 break;
401 401
402 default: 402 default:
403 break; 403 break;
404 } 404 }
405 405
406 break; 406 break;
407 407
408 case KAUTH_SYSTEM_CHSYSFLAGS: 408 case KAUTH_SYSTEM_CHSYSFLAGS:
409 /* Deprecated. */ 409 /* Deprecated. */
410 if (isroot) 410 if (isroot)
411 result = KAUTH_RESULT_ALLOW; 411 result = KAUTH_RESULT_ALLOW;
412 412
413 break; 413 break;
414 414
415 case KAUTH_SYSTEM_VERIEXEC: 415 case KAUTH_SYSTEM_VERIEXEC:
416 switch (req) { 416 switch (req) {
417 case KAUTH_REQ_SYSTEM_VERIEXEC_ACCESS: 417 case KAUTH_REQ_SYSTEM_VERIEXEC_ACCESS:
418 case KAUTH_REQ_SYSTEM_VERIEXEC_MODIFY: 418 case KAUTH_REQ_SYSTEM_VERIEXEC_MODIFY:
419 if (isroot) 419 if (isroot)
420 result = KAUTH_RESULT_ALLOW; 420 result = KAUTH_RESULT_ALLOW;
421 421
422 break; 422 break;
423 423
424 default: 424 default:
425 break; 425 break;
426 } 426 }
427 427
428 break; 428 break;
429 429
430 case KAUTH_SYSTEM_LFS: 430 case KAUTH_SYSTEM_LFS:
431 switch (req) { 431 switch (req) {
432 case KAUTH_REQ_SYSTEM_LFS_MARKV: 432 case KAUTH_REQ_SYSTEM_LFS_MARKV:
433 case KAUTH_REQ_SYSTEM_LFS_BMAPV: 433 case KAUTH_REQ_SYSTEM_LFS_BMAPV:
434 case KAUTH_REQ_SYSTEM_LFS_SEGCLEAN: 434 case KAUTH_REQ_SYSTEM_LFS_SEGCLEAN:
435 case KAUTH_REQ_SYSTEM_LFS_SEGWAIT: 435 case KAUTH_REQ_SYSTEM_LFS_SEGWAIT:
436 case KAUTH_REQ_SYSTEM_LFS_FCNTL: 436 case KAUTH_REQ_SYSTEM_LFS_FCNTL:
437 if (isroot) 437 if (isroot)
438 result = KAUTH_RESULT_ALLOW; 438 result = KAUTH_RESULT_ALLOW;
439 439
440 default: 440 default:
441 break; 441 break;
442 } 442 }
443 443
444 break; 444 break;
445 445
446 case KAUTH_SYSTEM_INTR: 446 case KAUTH_SYSTEM_INTR:
447 switch (req) { 447 switch (req) {
448 case KAUTH_REQ_SYSTEM_INTR_AFFINITY: 448 case KAUTH_REQ_SYSTEM_INTR_AFFINITY:
449 if (isroot) 449 if (isroot)
450 result = KAUTH_RESULT_ALLOW; 450 result = KAUTH_RESULT_ALLOW;
451 451
452 break; 452 break;
453 453
454 default: 454 default:
455 break; 455 break;
456 } 456 }
457 457
458 break; 458 break;
459 459
460 default: 460 default:
461 break; 461 break;
462 } 462 }
463 463
464 return (result); 464 return (result);
465} 465}
466 466
467/* 467/*
468 * kauth(9) listener 468 * kauth(9) listener
469 * 469 *
470 * Security model: Traditional NetBSD 470 * Security model: Traditional NetBSD
471 * Scope: Process 471 * Scope: Process
472 * Responsibility: Superuser access 472 * Responsibility: Superuser access
473 */ 473 */
474int 474int
475secmodel_suser_process_cb(kauth_cred_t cred, kauth_action_t action, 475secmodel_suser_process_cb(kauth_cred_t cred, kauth_action_t action,
476 void *cookie, void *arg0, void *arg1, void *arg2, void *arg3) 476 void *cookie, void *arg0, void *arg1, void *arg2, void *arg3)
477{ 477{
478 bool isroot; 478 bool isroot;
479 int result; 479 int result;
480 480
481 isroot = suser_isroot(cred); 481 isroot = suser_isroot(cred);
482 result = KAUTH_RESULT_DEFER; 482 result = KAUTH_RESULT_DEFER;
483 483
484 switch (action) { 484 switch (action) {
485 case KAUTH_PROCESS_SIGNAL: 485 case KAUTH_PROCESS_SIGNAL:
486 case KAUTH_PROCESS_KTRACE: 486 case KAUTH_PROCESS_KTRACE:
487 case KAUTH_PROCESS_PROCFS: 487 case KAUTH_PROCESS_PROCFS:
488 case KAUTH_PROCESS_PTRACE: 488 case KAUTH_PROCESS_PTRACE:
489 case KAUTH_PROCESS_SCHEDULER_GETPARAM: 489 case KAUTH_PROCESS_SCHEDULER_GETPARAM:
490 case KAUTH_PROCESS_SCHEDULER_SETPARAM: 490 case KAUTH_PROCESS_SCHEDULER_SETPARAM:
491 case KAUTH_PROCESS_SCHEDULER_GETAFFINITY: 491 case KAUTH_PROCESS_SCHEDULER_GETAFFINITY:
492 case KAUTH_PROCESS_SCHEDULER_SETAFFINITY: 492 case KAUTH_PROCESS_SCHEDULER_SETAFFINITY:
493 case KAUTH_PROCESS_SETID: 493 case KAUTH_PROCESS_SETID:
494 case KAUTH_PROCESS_KEVENT_FILTER: 494 case KAUTH_PROCESS_KEVENT_FILTER:
495 case KAUTH_PROCESS_NICE: 495 case KAUTH_PROCESS_NICE:
496 case KAUTH_PROCESS_FORK: 496 case KAUTH_PROCESS_FORK:
497 case KAUTH_PROCESS_CORENAME: 497 case KAUTH_PROCESS_CORENAME:
498 case KAUTH_PROCESS_STOPFLAG: 498 case KAUTH_PROCESS_STOPFLAG:
499 if (isroot) 499 if (isroot)
500 result = KAUTH_RESULT_ALLOW; 500 result = KAUTH_RESULT_ALLOW;
501 501
502 break; 502 break;
503 503
504 case KAUTH_PROCESS_CANSEE: { 504 case KAUTH_PROCESS_CANSEE: {
505 unsigned long req; 505 unsigned long req;
506 506
507 req = (unsigned long)arg1; 507 req = (unsigned long)arg1;
508 508
509 switch (req) { 509 switch (req) {
510 case KAUTH_REQ_PROCESS_CANSEE_ARGS: 510 case KAUTH_REQ_PROCESS_CANSEE_ARGS:
511 case KAUTH_REQ_PROCESS_CANSEE_ENTRY: 511 case KAUTH_REQ_PROCESS_CANSEE_ENTRY:
512 case KAUTH_REQ_PROCESS_CANSEE_OPENFILES: 512 case KAUTH_REQ_PROCESS_CANSEE_OPENFILES:
513 if (isroot) { 513 if (isroot) {
514 result = KAUTH_RESULT_ALLOW; 514 result = KAUTH_RESULT_ALLOW;
515 break; 515 break;
516 } 516 }
517 517
518 break; 518 break;
519 519
520 case KAUTH_REQ_PROCESS_CANSEE_ENV: 520 case KAUTH_REQ_PROCESS_CANSEE_ENV:
521 if (isroot) 521 if (isroot)
522 result = KAUTH_RESULT_ALLOW; 522 result = KAUTH_RESULT_ALLOW;
523 523
524 break; 524 break;
525 525
526 default: 526 default:
527 break; 527 break;
528 } 528 }
529 529
530 break; 530 break;
531 } 531 }
532 532
533 case KAUTH_PROCESS_RLIMIT: { 533 case KAUTH_PROCESS_RLIMIT: {
534 enum kauth_process_req req; 534 enum kauth_process_req req;
535 535
536 req = (enum kauth_process_req)(unsigned long)arg1; 536 req = (enum kauth_process_req)(unsigned long)arg1;
537 537
538 switch (req) { 538 switch (req) {
539 case KAUTH_REQ_PROCESS_RLIMIT_SET: 539 case KAUTH_REQ_PROCESS_RLIMIT_SET:
540 case KAUTH_REQ_PROCESS_RLIMIT_GET: 540 case KAUTH_REQ_PROCESS_RLIMIT_GET:
541 case KAUTH_REQ_PROCESS_RLIMIT_BYPASS: 541 case KAUTH_REQ_PROCESS_RLIMIT_BYPASS:
542 if (isroot) 542 if (isroot)
543 result = KAUTH_RESULT_ALLOW; 543 result = KAUTH_RESULT_ALLOW;
544 544
545 break; 545 break;
546 546
547 default: 547 default:
548 break; 548 break;
549 } 549 }
550 550
551 break; 551 break;
552 } 552 }
553 553
554 default: 554 default:
555 break; 555 break;
556 } 556 }
557 557
558 return (result); 558 return (result);
559} 559}
560 560
561/* 561/*
562 * kauth(9) listener 562 * kauth(9) listener
563 * 563 *
564 * Security model: Traditional NetBSD 564 * Security model: Traditional NetBSD
565 * Scope: Network 565 * Scope: Network
566 * Responsibility: Superuser access 566 * Responsibility: Superuser access
567 */ 567 */
568int 568int
569secmodel_suser_network_cb(kauth_cred_t cred, kauth_action_t action, 569secmodel_suser_network_cb(kauth_cred_t cred, kauth_action_t action,
570 void *cookie, void *arg0, void *arg1, void *arg2, void *arg3) 570 void *cookie, void *arg0, void *arg1, void *arg2, void *arg3)
571{ 571{
572 bool isroot; 572 bool isroot;
573 int result; 573 int result;
574 enum kauth_network_req req; 574 enum kauth_network_req req;
575 575
576 isroot = suser_isroot(cred); 576 isroot = suser_isroot(cred);
577 result = KAUTH_RESULT_DEFER; 577 result = KAUTH_RESULT_DEFER;
578 req = (enum kauth_network_req)arg0; 578 req = (enum kauth_network_req)arg0;
579 579
580 switch (action) { 580 switch (action) {
581 case KAUTH_NETWORK_ALTQ: 581 case KAUTH_NETWORK_ALTQ:
582 switch (req) { 582 switch (req) {
583 case KAUTH_REQ_NETWORK_ALTQ_AFMAP: 583 case KAUTH_REQ_NETWORK_ALTQ_AFMAP:
584 case KAUTH_REQ_NETWORK_ALTQ_BLUE: 584 case KAUTH_REQ_NETWORK_ALTQ_BLUE:
585 case KAUTH_REQ_NETWORK_ALTQ_CBQ: 585 case KAUTH_REQ_NETWORK_ALTQ_CBQ:
586 case KAUTH_REQ_NETWORK_ALTQ_CDNR: 586 case KAUTH_REQ_NETWORK_ALTQ_CDNR:
587 case KAUTH_REQ_NETWORK_ALTQ_CONF: 587 case KAUTH_REQ_NETWORK_ALTQ_CONF:
588 case KAUTH_REQ_NETWORK_ALTQ_FIFOQ: 588 case KAUTH_REQ_NETWORK_ALTQ_FIFOQ:
589 case KAUTH_REQ_NETWORK_ALTQ_HFSC: 589 case KAUTH_REQ_NETWORK_ALTQ_HFSC:
590 case KAUTH_REQ_NETWORK_ALTQ_JOBS: 590 case KAUTH_REQ_NETWORK_ALTQ_JOBS:
591 case KAUTH_REQ_NETWORK_ALTQ_PRIQ: 591 case KAUTH_REQ_NETWORK_ALTQ_PRIQ:
592 case KAUTH_REQ_NETWORK_ALTQ_RED: 592 case KAUTH_REQ_NETWORK_ALTQ_RED:
593 case KAUTH_REQ_NETWORK_ALTQ_RIO: 593 case KAUTH_REQ_NETWORK_ALTQ_RIO:
594 case KAUTH_REQ_NETWORK_ALTQ_WFQ: 594 case KAUTH_REQ_NETWORK_ALTQ_WFQ:
595 if (isroot) 595 if (isroot)
596 result = KAUTH_RESULT_ALLOW; 596 result = KAUTH_RESULT_ALLOW;
597 break; 597 break;
598 598
599 default: 599 default:
600 break; 600 break;
601 } 601 }
602 602
603 break; 603 break;
604 604
605 case KAUTH_NETWORK_BIND: 605 case KAUTH_NETWORK_BIND:
606 switch (req) { 606 switch (req) {
607 case KAUTH_REQ_NETWORK_BIND_PORT: 607 case KAUTH_REQ_NETWORK_BIND_PORT:
608 case KAUTH_REQ_NETWORK_BIND_PRIVPORT: 608 case KAUTH_REQ_NETWORK_BIND_PRIVPORT:
609 if (isroot) 609 if (isroot)
610 result = KAUTH_RESULT_ALLOW; 610 result = KAUTH_RESULT_ALLOW;
611 break; 611 break;
612 612
613 default: 613 default:
614 break; 614 break;
615 } 615 }
616 break; 616 break;
617 617
618 case KAUTH_NETWORK_FIREWALL: 618 case KAUTH_NETWORK_FIREWALL:
619 switch (req) { 619 switch (req) {
620 case KAUTH_REQ_NETWORK_FIREWALL_FW: 620 case KAUTH_REQ_NETWORK_FIREWALL_FW:
621 case KAUTH_REQ_NETWORK_FIREWALL_NAT: 621 case KAUTH_REQ_NETWORK_FIREWALL_NAT:
622 if (isroot) 622 if (isroot)
623 result = KAUTH_RESULT_ALLOW; 623 result = KAUTH_RESULT_ALLOW;
624 624
625 break; 625 break;
626 626
627 default: 627 default:
628 break; 628 break;
629 } 629 }
630 break; 630 break;
631 631
632 case KAUTH_NETWORK_FORWSRCRT: 632 case KAUTH_NETWORK_FORWSRCRT:
633 case KAUTH_NETWORK_ROUTE: 633 case KAUTH_NETWORK_ROUTE:
634 if (isroot) 634 if (isroot)
635 result = KAUTH_RESULT_ALLOW; 635 result = KAUTH_RESULT_ALLOW;
636 636
637 break; 637 break;
638 638
639 case KAUTH_NETWORK_INTERFACE: 639 case KAUTH_NETWORK_INTERFACE:
640 switch (req) { 640 switch (req) {
641 case KAUTH_REQ_NETWORK_INTERFACE_GET: 641 case KAUTH_REQ_NETWORK_INTERFACE_GET:
642 case KAUTH_REQ_NETWORK_INTERFACE_SET: 642 case KAUTH_REQ_NETWORK_INTERFACE_SET:
643 case KAUTH_REQ_NETWORK_INTERFACE_GETPRIV: 643 case KAUTH_REQ_NETWORK_INTERFACE_GETPRIV:
644 case KAUTH_REQ_NETWORK_INTERFACE_SETPRIV: 644 case KAUTH_REQ_NETWORK_INTERFACE_SETPRIV:
645 case KAUTH_REQ_NETWORK_INTERFACE_FIRMWARE: 645 case KAUTH_REQ_NETWORK_INTERFACE_FIRMWARE:
646 if (isroot) 646 if (isroot)
647 result = KAUTH_RESULT_ALLOW; 647 result = KAUTH_RESULT_ALLOW;
648 break; 648 break;
649 649
650 default: 650 default:
651 break; 651 break;
652 } 652 }
653 break; 653 break;
654 654
655 case KAUTH_NETWORK_INTERFACE_BRIDGE: 655 case KAUTH_NETWORK_INTERFACE_BRIDGE:
656 switch (req) { 656 switch (req) {
657 case KAUTH_REQ_NETWORK_INTERFACE_BRIDGE_GETPRIV: 657 case KAUTH_REQ_NETWORK_INTERFACE_BRIDGE_GETPRIV:
658 case KAUTH_REQ_NETWORK_INTERFACE_BRIDGE_SETPRIV: 658 case KAUTH_REQ_NETWORK_INTERFACE_BRIDGE_SETPRIV:
659 if (isroot) 659 if (isroot)
660 result = KAUTH_RESULT_ALLOW; 660 result = KAUTH_RESULT_ALLOW;
661 break; 661 break;
662 662
663 default: 663 default:
664 break; 664 break;
665 } 665 }
666 666
667 break; 667 break;
668 668
669 case KAUTH_NETWORK_INTERFACE_PPP: 669 case KAUTH_NETWORK_INTERFACE_PPP:
670 switch (req) { 670 switch (req) {
671 case KAUTH_REQ_NETWORK_INTERFACE_PPP_ADD: 671 case KAUTH_REQ_NETWORK_INTERFACE_PPP_ADD:
672 if (isroot) 672 if (isroot)
673 result = KAUTH_RESULT_ALLOW; 673 result = KAUTH_RESULT_ALLOW;
674 break; 674 break;
675 675
676 default: 676 default:
677 break; 677 break;
678 } 678 }
679 679
680 break; 680 break;
681 681
682 case KAUTH_NETWORK_INTERFACE_PVC: 682 case KAUTH_NETWORK_INTERFACE_PVC:
683 switch (req) { 683 switch (req) {
684 case KAUTH_REQ_NETWORK_INTERFACE_PVC_ADD: 684 case KAUTH_REQ_NETWORK_INTERFACE_PVC_ADD:
685 if (isroot) 685 if (isroot)
686 result = KAUTH_RESULT_ALLOW; 686 result = KAUTH_RESULT_ALLOW;
687 687
688 break; 688 break;
689 689
690 default: 690 default:
691 break; 691 break;
692 } 692 }
693 693
694 break; 694 break;
695 695
696 case KAUTH_NETWORK_INTERFACE_SLIP: 696 case KAUTH_NETWORK_INTERFACE_SLIP:
697 switch (req) { 697 switch (req) {
698 case KAUTH_REQ_NETWORK_INTERFACE_SLIP_ADD: 698 case KAUTH_REQ_NETWORK_INTERFACE_SLIP_ADD:
699 if (isroot) 699 if (isroot)
700 result = KAUTH_RESULT_ALLOW; 700 result = KAUTH_RESULT_ALLOW;
701 break; 701 break;
702 702
703 default: 703 default:
704 break; 704 break;
705 } 705 }
706 706
707 break; 707 break;
708 708
709 case KAUTH_NETWORK_INTERFACE_STRIP: 709 case KAUTH_NETWORK_INTERFACE_STRIP:
710 switch (req) { 710 switch (req) {
711 case KAUTH_REQ_NETWORK_INTERFACE_STRIP_ADD: 711 case KAUTH_REQ_NETWORK_INTERFACE_STRIP_ADD:
712 if (isroot) 712 if (isroot)
713 result = KAUTH_RESULT_ALLOW; 713 result = KAUTH_RESULT_ALLOW;
714 break; 714 break;
715 715
716 default: 716 default:
717 break; 717 break;
718 } 718 }
719 719
720 break; 720 break;
721 721
722 case KAUTH_NETWORK_INTERFACE_TUN: 722 case KAUTH_NETWORK_INTERFACE_TUN:
723 switch (req) { 723 switch (req) {
724 case KAUTH_REQ_NETWORK_INTERFACE_TUN_ADD: 724 case KAUTH_REQ_NETWORK_INTERFACE_TUN_ADD:
725 if (isroot) 725 if (isroot)
726 result = KAUTH_RESULT_ALLOW; 726 result = KAUTH_RESULT_ALLOW;
727 break; 727 break;
728 728
729 default: 729 default:
730 break; 730 break;
731 } 731 }
732 732
733 break; 733 break;
734 734
735 case KAUTH_NETWORK_IPV6: 735 case KAUTH_NETWORK_IPV6:
736 switch (req) { 736 switch (req) {
737 case KAUTH_REQ_NETWORK_IPV6_HOPBYHOP: 737 case KAUTH_REQ_NETWORK_IPV6_HOPBYHOP:
738 case KAUTH_REQ_NETWORK_IPV6_JOIN_MULTICAST: 738 case KAUTH_REQ_NETWORK_IPV6_JOIN_MULTICAST:
739 if (isroot) 739 if (isroot)
740 result = KAUTH_RESULT_ALLOW; 740 result = KAUTH_RESULT_ALLOW;
741 741
742 break; 742 break;
743 743
744 default: 744 default:
745 break; 745 break;
746 } 746 }
747 747
748 break; 748 break;
749 749
750 case KAUTH_NETWORK_NFS: 750 case KAUTH_NETWORK_NFS:
751 switch (req) { 751 switch (req) {
752 case KAUTH_REQ_NETWORK_NFS_EXPORT: 752 case KAUTH_REQ_NETWORK_NFS_EXPORT:
753 case KAUTH_REQ_NETWORK_NFS_SVC: 753 case KAUTH_REQ_NETWORK_NFS_SVC:
754 if (isroot) 754 if (isroot)
755 result = KAUTH_RESULT_ALLOW; 755 result = KAUTH_RESULT_ALLOW;
756 756
757 break; 757 break;
758 758
759 default: 759 default:
760 break; 760 break;
761 } 761 }
762 break; 762 break;
763 763
764 case KAUTH_NETWORK_SMB: 764 case KAUTH_NETWORK_SMB:
765 switch (req) { 765 switch (req) {
766 case KAUTH_REQ_NETWORK_SMB_SHARE_ACCESS: 766 case KAUTH_REQ_NETWORK_SMB_SHARE_ACCESS:
767 case KAUTH_REQ_NETWORK_SMB_SHARE_CREATE: 767 case KAUTH_REQ_NETWORK_SMB_SHARE_CREATE:
768 case KAUTH_REQ_NETWORK_SMB_VC_ACCESS: 768 case KAUTH_REQ_NETWORK_SMB_VC_ACCESS:
769 case KAUTH_REQ_NETWORK_SMB_VC_CREATE: 769 case KAUTH_REQ_NETWORK_SMB_VC_CREATE:
770 if (isroot) 770 if (isroot)
771 result = KAUTH_RESULT_ALLOW; 771 result = KAUTH_RESULT_ALLOW;
772 772
773 break; 773 break;
774 774
775 default: 775 default:
776 break; 776 break;
777 } 777 }
778 778
779 break; 779 break;
780 780
781 case KAUTH_NETWORK_SOCKET: 781 case KAUTH_NETWORK_SOCKET:
782 switch (req) { 782 switch (req) {
783 case KAUTH_REQ_NETWORK_SOCKET_DROP: 783 case KAUTH_REQ_NETWORK_SOCKET_DROP:
784 case KAUTH_REQ_NETWORK_SOCKET_OPEN: 784 case KAUTH_REQ_NETWORK_SOCKET_OPEN:
785 case KAUTH_REQ_NETWORK_SOCKET_RAWSOCK: 785 case KAUTH_REQ_NETWORK_SOCKET_RAWSOCK:
786 case KAUTH_REQ_NETWORK_SOCKET_SETPRIV: 786 case KAUTH_REQ_NETWORK_SOCKET_SETPRIV:
787 if (isroot) 787 if (isroot)
788 result = KAUTH_RESULT_ALLOW; 788 result = KAUTH_RESULT_ALLOW;
789 break; 789 break;
790 790
791 case KAUTH_REQ_NETWORK_SOCKET_CANSEE: 791 case KAUTH_REQ_NETWORK_SOCKET_CANSEE:
792 if (isroot) { 792 if (isroot) {
793 result = KAUTH_RESULT_ALLOW; 793 result = KAUTH_RESULT_ALLOW;
794 break; 794 break;
795 } 795 }
796 796
797 break; 797 break;
798 798
799 default: 799 default:
800 break; 800 break;
801 } 801 }
802 802
803 break; 803 break;
804 804
805 case KAUTH_NETWORK_IPSEC: 805 case KAUTH_NETWORK_IPSEC:
806 switch (req) { 806 switch (req) {
807 case KAUTH_REQ_NETWORK_IPSEC_BYPASS: 807 case KAUTH_REQ_NETWORK_IPSEC_BYPASS:
808 if (isroot) 808 if (isroot)
809 result = KAUTH_RESULT_ALLOW; 809 result = KAUTH_RESULT_ALLOW;
810 810
811 break; 811 break;
812 812
813 default: 813 default:
814 break; 814 break;
815 } 815 }
816 816
817 break; 817 break;
818 818
819 default: 819 default:
820 break; 820 break;
821 } 821 }
822 822
823 return (result); 823 return (result);
824} 824}
825 825
826/* 826/*
827 * kauth(9) listener 827 * kauth(9) listener
828 * 828 *
829 * Security model: Traditional NetBSD 829 * Security model: Traditional NetBSD
830 * Scope: Machdep 830 * Scope: Machdep
831 * Responsibility: Superuser access 831 * Responsibility: Superuser access
832 */ 832 */
833int 833int
834secmodel_suser_machdep_cb(kauth_cred_t cred, kauth_action_t action, 834secmodel_suser_machdep_cb(kauth_cred_t cred, kauth_action_t action,
835 void *cookie, void *arg0, void *arg1, void *arg2, void *arg3) 835 void *cookie, void *arg0, void *arg1, void *arg2, void *arg3)
836{ 836{
837 bool isroot; 837 bool isroot;
838 int result; 838 int result;
839 839
840 isroot = suser_isroot(cred); 840 isroot = suser_isroot(cred);
841 result = KAUTH_RESULT_DEFER; 841 result = KAUTH_RESULT_DEFER;
842 842
843 switch (action) { 843 switch (action) {
844 case KAUTH_MACHDEP_CPU_UCODE_APPLY: 844 case KAUTH_MACHDEP_CPU_UCODE_APPLY:
845 case KAUTH_MACHDEP_IOPERM_GET: 845 case KAUTH_MACHDEP_IOPERM_GET:
846 case KAUTH_MACHDEP_LDT_GET: 846 case KAUTH_MACHDEP_LDT_GET:
847 case KAUTH_MACHDEP_LDT_SET: 847 case KAUTH_MACHDEP_LDT_SET:
848 case KAUTH_MACHDEP_MTRR_GET: 848 case KAUTH_MACHDEP_MTRR_GET:
849 case KAUTH_MACHDEP_CACHEFLUSH: 849 case KAUTH_MACHDEP_CACHEFLUSH:
850 case KAUTH_MACHDEP_IOPERM_SET: 850 case KAUTH_MACHDEP_IOPERM_SET:
851 case KAUTH_MACHDEP_IOPL: 851 case KAUTH_MACHDEP_IOPL:
852 case KAUTH_MACHDEP_MTRR_SET: 852 case KAUTH_MACHDEP_MTRR_SET:
853 case KAUTH_MACHDEP_NVRAM: 853 case KAUTH_MACHDEP_NVRAM:
854 case KAUTH_MACHDEP_UNMANAGEDMEM: 854 case KAUTH_MACHDEP_UNMANAGEDMEM:
855 case KAUTH_MACHDEP_PXG: 855 case KAUTH_MACHDEP_PXG:
 856 case KAUTH_MACHDEP_X86PMC:
856 if (isroot) 857 if (isroot)
857 result = KAUTH_RESULT_ALLOW; 858 result = KAUTH_RESULT_ALLOW;
858 break; 859 break;
859 860
860 default: 861 default:
861 break; 862 break;
862 } 863 }
863 864
864 return (result); 865 return (result);
865} 866}
866 867
867/* 868/*
868 * kauth(9) listener 869 * kauth(9) listener
869 * 870 *
870 * Security model: Traditional NetBSD 871 * Security model: Traditional NetBSD
871 * Scope: Device 872 * Scope: Device
872 * Responsibility: Superuser access 873 * Responsibility: Superuser access
873 */ 874 */
874int 875int
875secmodel_suser_device_cb(kauth_cred_t cred, kauth_action_t action, 876secmodel_suser_device_cb(kauth_cred_t cred, kauth_action_t action,
876 void *cookie, void *arg0, void *arg1, void *arg2, void *arg3) 877 void *cookie, void *arg0, void *arg1, void *arg2, void *arg3)
877{ 878{
878 bool isroot; 879 bool isroot;
879 int result; 880 int result;
880 881
881 isroot = suser_isroot(cred); 882 isroot = suser_isroot(cred);
882 result = KAUTH_RESULT_DEFER; 883 result = KAUTH_RESULT_DEFER;
883 884
884 switch (action) { 885 switch (action) {
885 case KAUTH_DEVICE_BLUETOOTH_SETPRIV: 886 case KAUTH_DEVICE_BLUETOOTH_SETPRIV:
886 case KAUTH_DEVICE_BLUETOOTH_SEND: 887 case KAUTH_DEVICE_BLUETOOTH_SEND:
887 case KAUTH_DEVICE_BLUETOOTH_RECV: 888 case KAUTH_DEVICE_BLUETOOTH_RECV:
888 case KAUTH_DEVICE_TTY_OPEN: 889 case KAUTH_DEVICE_TTY_OPEN:
889 case KAUTH_DEVICE_TTY_PRIVSET: 890 case KAUTH_DEVICE_TTY_PRIVSET:
890 case KAUTH_DEVICE_TTY_STI: 891 case KAUTH_DEVICE_TTY_STI:
891 case KAUTH_DEVICE_TTY_VIRTUAL: 892 case KAUTH_DEVICE_TTY_VIRTUAL:
892 case KAUTH_DEVICE_RND_ADDDATA: 893 case KAUTH_DEVICE_RND_ADDDATA:
893 case KAUTH_DEVICE_RND_ADDDATA_ESTIMATE: 894 case KAUTH_DEVICE_RND_ADDDATA_ESTIMATE:
894 case KAUTH_DEVICE_RND_GETPRIV: 895 case KAUTH_DEVICE_RND_GETPRIV:
895 case KAUTH_DEVICE_RND_SETPRIV: 896 case KAUTH_DEVICE_RND_SETPRIV:
896 case KAUTH_DEVICE_WSCONS_KEYBOARD_BELL: 897 case KAUTH_DEVICE_WSCONS_KEYBOARD_BELL:
897 case KAUTH_DEVICE_WSCONS_KEYBOARD_KEYREPEAT: 898 case KAUTH_DEVICE_WSCONS_KEYBOARD_KEYREPEAT:
898 if (isroot) 899 if (isroot)
899 result = KAUTH_RESULT_ALLOW; 900 result = KAUTH_RESULT_ALLOW;
900 break; 901 break;
901 902
902 case KAUTH_DEVICE_BLUETOOTH_BCSP: 903 case KAUTH_DEVICE_BLUETOOTH_BCSP:
903 case KAUTH_DEVICE_BLUETOOTH_BTUART: { 904 case KAUTH_DEVICE_BLUETOOTH_BTUART: {
904 enum kauth_device_req req; 905 enum kauth_device_req req;
905 906
906 req = (enum kauth_device_req)arg0; 907 req = (enum kauth_device_req)arg0;
907 switch (req) { 908 switch (req) {
908 case KAUTH_REQ_DEVICE_BLUETOOTH_BCSP_ADD: 909 case KAUTH_REQ_DEVICE_BLUETOOTH_BCSP_ADD:
909 case KAUTH_REQ_DEVICE_BLUETOOTH_BTUART_ADD: 910 case KAUTH_REQ_DEVICE_BLUETOOTH_BTUART_ADD:
910 if (isroot) 911 if (isroot)
911 result = KAUTH_RESULT_ALLOW; 912 result = KAUTH_RESULT_ALLOW;
912 break; 913 break;
913 914
914 default: 915 default:
915 break; 916 break;
916 } 917 }
917 918
918 break; 919 break;
919 } 920 }
920 921
921 case KAUTH_DEVICE_GPIO_PINSET: 922 case KAUTH_DEVICE_GPIO_PINSET:
922 /* 923 /*
923 * root can access gpio pins, secmodel_securlevel can veto 924 * root can access gpio pins, secmodel_securlevel can veto
924 * this decision. 925 * this decision.
925 */ 926 */
926 if (isroot) 927 if (isroot)
927 result = KAUTH_RESULT_ALLOW; 928 result = KAUTH_RESULT_ALLOW;
928 break; 929 break;
929 930
930 default: 931 default:
931 break; 932 break;
932 } 933 }
933 934
934 return (result); 935 return (result);
935} 936}
936 937
937int 938int
938secmodel_suser_vnode_cb(kauth_cred_t cred, kauth_action_t action, 939secmodel_suser_vnode_cb(kauth_cred_t cred, kauth_action_t action,
939 void *cookie, void *arg0, void *arg1, void *arg2, void *arg3) 940 void *cookie, void *arg0, void *arg1, void *arg2, void *arg3)
940{ 941{
941 bool isroot; 942 bool isroot;
942 int result; 943 int result;
943 944
944 isroot = suser_isroot(cred); 945 isroot = suser_isroot(cred);
945 result = KAUTH_RESULT_DEFER; 946 result = KAUTH_RESULT_DEFER;
946 947
947 if (isroot) { 948 if (isroot) {
948 /* Superuser can execute only if the file's executable. */ 949 /* Superuser can execute only if the file's executable. */
949 if ((action & KAUTH_VNODE_EXECUTE) == 0 || 950 if ((action & KAUTH_VNODE_EXECUTE) == 0 ||
950 (action & KAUTH_VNODE_IS_EXEC)) 951 (action & KAUTH_VNODE_IS_EXEC))
951 result = KAUTH_RESULT_ALLOW; 952 result = KAUTH_RESULT_ALLOW;
952 } 953 }
953 954
954 return (result); 955 return (result);
955} 956}
956 957
cvs diff -r1.73 -r1.74 src/sys/sys/kauth.h (switch to unified diff)

--- src/sys/sys/kauth.h 2015/10/06 22:13:39 1.73
+++ src/sys/sys/kauth.h 2017/06/14 17:48:41 1.74
@@ -1,530 +1,531 @@ @@ -1,530 +1,531 @@
1/* $NetBSD: kauth.h,v 1.73 2015/10/06 22:13:39 christos Exp $ */ 1/* $NetBSD: kauth.h,v 1.74 2017/06/14 17:48:41 maxv Exp $ */
2 2
3/*- 3/*-
4 * Copyright (c) 2005, 2006 Elad Efrat <elad@NetBSD.org>  4 * Copyright (c) 2005, 2006 Elad Efrat <elad@NetBSD.org>
5 * All rights reserved. 5 * All rights reserved.
6 * 6 *
7 * Redistribution and use in source and binary forms, with or without 7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions 8 * modification, are permitted provided that the following conditions
9 * are met: 9 * are met:
10 * 1. Redistributions of source code must retain the above copyright 10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer. 11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright 12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the 13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution. 14 * documentation and/or other materials provided with the distribution.
15 * 3. The name of the author may not be used to endorse or promote products 15 * 3. The name of the author may not be used to endorse or promote products
16 * derived from this software without specific prior written permission. 16 * derived from this software without specific prior written permission.
17 * 17 *
18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
19 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 19 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 20 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
23 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 23 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
24 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 24 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
25 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 25 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
26 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 26 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
27 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 27 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 */ 28 */
29 29
30/* 30/*
31 * This is based on Apple TN2127, available online at 31 * This is based on Apple TN2127, available online at
32 * http://developer.apple.com/technotes/tn2005/tn2127.html 32 * http://developer.apple.com/technotes/tn2005/tn2127.html
33 */ 33 */
34 34
35#ifndef _SYS_KAUTH_H_ 35#ifndef _SYS_KAUTH_H_
36#define _SYS_KAUTH_H_ 36#define _SYS_KAUTH_H_
37 37
38#include <secmodel/secmodel.h> /* for secmodel_t type */ 38#include <secmodel/secmodel.h> /* for secmodel_t type */
39#include <sys/stat.h> /* for modes */ 39#include <sys/stat.h> /* for modes */
40 40
41struct uucred; 41struct uucred;
42struct ki_ucred; 42struct ki_ucred;
43struct ki_pcred; 43struct ki_pcred;
44struct proc; 44struct proc;
45struct tty; 45struct tty;
46struct vnode; 46struct vnode;
47struct cwdinfo; 47struct cwdinfo;
48 48
49/* Types. */ 49/* Types. */
50typedef struct kauth_scope *kauth_scope_t; 50typedef struct kauth_scope *kauth_scope_t;
51typedef struct kauth_listener *kauth_listener_t; 51typedef struct kauth_listener *kauth_listener_t;
52typedef uint32_t kauth_action_t; 52typedef uint32_t kauth_action_t;
53typedef int (*kauth_scope_callback_t)(kauth_cred_t, kauth_action_t, 53typedef int (*kauth_scope_callback_t)(kauth_cred_t, kauth_action_t,
54 void *, void *, void *, void *, void *); 54 void *, void *, void *, void *, void *);
55typedef struct kauth_key *kauth_key_t; 55typedef struct kauth_key *kauth_key_t;
56 56
57#ifdef __KAUTH_PRIVATE /* For the debugger */ 57#ifdef __KAUTH_PRIVATE /* For the debugger */
58/*  58/*
59 * Credentials. 59 * Credentials.
60 * 60 *
61 * A subset of this structure is used in kvm(3) (src/lib/libkvm/kvm_proc.c) 61 * A subset of this structure is used in kvm(3) (src/lib/libkvm/kvm_proc.c)
62 * and should be synchronized with this structure when the update is 62 * and should be synchronized with this structure when the update is
63 * relevant. 63 * relevant.
64 */ 64 */
65struct kauth_cred { 65struct kauth_cred {
66 /* 66 /*
67 * Ensure that the first part of the credential resides in its own 67 * Ensure that the first part of the credential resides in its own
68 * cache line. Due to sharing there aren't many kauth_creds in a 68 * cache line. Due to sharing there aren't many kauth_creds in a
69 * typical system, but the reference counts change very often. 69 * typical system, but the reference counts change very often.
70 * Keeping it separate from the rest of the data prevents false 70 * Keeping it separate from the rest of the data prevents false
71 * sharing between CPUs. 71 * sharing between CPUs.
72 */ 72 */
73 u_int cr_refcnt; /* reference count */ 73 u_int cr_refcnt; /* reference count */
74#if COHERENCY_UNIT > 4 74#if COHERENCY_UNIT > 4
75 uint8_t cr_pad[COHERENCY_UNIT - 4]; 75 uint8_t cr_pad[COHERENCY_UNIT - 4];
76#endif 76#endif
77 uid_t cr_uid; /* user id */ 77 uid_t cr_uid; /* user id */
78 uid_t cr_euid; /* effective user id */ 78 uid_t cr_euid; /* effective user id */
79 uid_t cr_svuid; /* saved effective user id */ 79 uid_t cr_svuid; /* saved effective user id */
80 gid_t cr_gid; /* group id */ 80 gid_t cr_gid; /* group id */
81 gid_t cr_egid; /* effective group id */ 81 gid_t cr_egid; /* effective group id */
82 gid_t cr_svgid; /* saved effective group id */ 82 gid_t cr_svgid; /* saved effective group id */
83 u_int cr_ngroups; /* number of groups */ 83 u_int cr_ngroups; /* number of groups */
84 gid_t cr_groups[NGROUPS]; /* group memberships */ 84 gid_t cr_groups[NGROUPS]; /* group memberships */
85 specificdata_reference cr_sd; /* specific data */ 85 specificdata_reference cr_sd; /* specific data */
86}; 86};
87#endif 87#endif
88 88
89/* 89/*
90 * Possible return values for a listener. 90 * Possible return values for a listener.
91 */ 91 */
92#define KAUTH_RESULT_ALLOW 0 /* allow access */ 92#define KAUTH_RESULT_ALLOW 0 /* allow access */
93#define KAUTH_RESULT_DENY 1 /* deny access */ 93#define KAUTH_RESULT_DENY 1 /* deny access */
94#define KAUTH_RESULT_DEFER 2 /* let others decide */ 94#define KAUTH_RESULT_DEFER 2 /* let others decide */
95 95
96/* 96/*
97 * Scopes. 97 * Scopes.
98 */ 98 */
99#define KAUTH_SCOPE_GENERIC "org.netbsd.kauth.generic" 99#define KAUTH_SCOPE_GENERIC "org.netbsd.kauth.generic"
100#define KAUTH_SCOPE_SYSTEM "org.netbsd.kauth.system" 100#define KAUTH_SCOPE_SYSTEM "org.netbsd.kauth.system"
101#define KAUTH_SCOPE_PROCESS "org.netbsd.kauth.process" 101#define KAUTH_SCOPE_PROCESS "org.netbsd.kauth.process"
102#define KAUTH_SCOPE_NETWORK "org.netbsd.kauth.network" 102#define KAUTH_SCOPE_NETWORK "org.netbsd.kauth.network"
103#define KAUTH_SCOPE_MACHDEP "org.netbsd.kauth.machdep" 103#define KAUTH_SCOPE_MACHDEP "org.netbsd.kauth.machdep"
104#define KAUTH_SCOPE_DEVICE "org.netbsd.kauth.device" 104#define KAUTH_SCOPE_DEVICE "org.netbsd.kauth.device"
105#define KAUTH_SCOPE_CRED "org.netbsd.kauth.cred" 105#define KAUTH_SCOPE_CRED "org.netbsd.kauth.cred"
106#define KAUTH_SCOPE_VNODE "org.netbsd.kauth.vnode" 106#define KAUTH_SCOPE_VNODE "org.netbsd.kauth.vnode"
107 107
108/* 108/*
109 * Generic scope - actions. 109 * Generic scope - actions.
110 */ 110 */
111enum { 111enum {
112 KAUTH_GENERIC_UNUSED1=1, 112 KAUTH_GENERIC_UNUSED1=1,
113 KAUTH_GENERIC_ISSUSER, 113 KAUTH_GENERIC_ISSUSER,
114}; 114};
115 115
116/* 116/*
117 * System scope - actions. 117 * System scope - actions.
118 */ 118 */
119enum { 119enum {
120 KAUTH_SYSTEM_ACCOUNTING=1, 120 KAUTH_SYSTEM_ACCOUNTING=1,
121 KAUTH_SYSTEM_CHROOT, 121 KAUTH_SYSTEM_CHROOT,
122 KAUTH_SYSTEM_CHSYSFLAGS, 122 KAUTH_SYSTEM_CHSYSFLAGS,
123 KAUTH_SYSTEM_CPU, 123 KAUTH_SYSTEM_CPU,
124 KAUTH_SYSTEM_DEBUG, 124 KAUTH_SYSTEM_DEBUG,
125 KAUTH_SYSTEM_FILEHANDLE, 125 KAUTH_SYSTEM_FILEHANDLE,
126 KAUTH_SYSTEM_MKNOD, 126 KAUTH_SYSTEM_MKNOD,
127 KAUTH_SYSTEM_MOUNT, 127 KAUTH_SYSTEM_MOUNT,
128 KAUTH_SYSTEM_PSET, 128 KAUTH_SYSTEM_PSET,
129 KAUTH_SYSTEM_REBOOT, 129 KAUTH_SYSTEM_REBOOT,
130 KAUTH_SYSTEM_SETIDCORE, 130 KAUTH_SYSTEM_SETIDCORE,
131 KAUTH_SYSTEM_SWAPCTL, 131 KAUTH_SYSTEM_SWAPCTL,
132 KAUTH_SYSTEM_SYSCTL, 132 KAUTH_SYSTEM_SYSCTL,
133 KAUTH_SYSTEM_TIME, 133 KAUTH_SYSTEM_TIME,
134 KAUTH_SYSTEM_MODULE, 134 KAUTH_SYSTEM_MODULE,
135 KAUTH_SYSTEM_FS_RESERVEDSPACE, 135 KAUTH_SYSTEM_FS_RESERVEDSPACE,
136 KAUTH_SYSTEM_FS_QUOTA, 136 KAUTH_SYSTEM_FS_QUOTA,
137 KAUTH_SYSTEM_SEMAPHORE, 137 KAUTH_SYSTEM_SEMAPHORE,
138 KAUTH_SYSTEM_SYSVIPC, 138 KAUTH_SYSTEM_SYSVIPC,
139 KAUTH_SYSTEM_MQUEUE, 139 KAUTH_SYSTEM_MQUEUE,
140 KAUTH_SYSTEM_VERIEXEC, 140 KAUTH_SYSTEM_VERIEXEC,
141 KAUTH_SYSTEM_DEVMAPPER, 141 KAUTH_SYSTEM_DEVMAPPER,
142 KAUTH_SYSTEM_MAP_VA_ZERO, 142 KAUTH_SYSTEM_MAP_VA_ZERO,
143 KAUTH_SYSTEM_LFS, 143 KAUTH_SYSTEM_LFS,
144 KAUTH_SYSTEM_FS_EXTATTR, 144 KAUTH_SYSTEM_FS_EXTATTR,
145 KAUTH_SYSTEM_FS_SNAPSHOT, 145 KAUTH_SYSTEM_FS_SNAPSHOT,
146 KAUTH_SYSTEM_INTR, 146 KAUTH_SYSTEM_INTR,
147}; 147};
148 148
149/* 149/*
150 * System scope - sub-actions. 150 * System scope - sub-actions.
151 */ 151 */
152enum kauth_system_req { 152enum kauth_system_req {
153 KAUTH_REQ_SYSTEM_CHROOT_CHROOT=1, 153 KAUTH_REQ_SYSTEM_CHROOT_CHROOT=1,
154 KAUTH_REQ_SYSTEM_CHROOT_FCHROOT, 154 KAUTH_REQ_SYSTEM_CHROOT_FCHROOT,
155 KAUTH_REQ_SYSTEM_CPU_SETSTATE, 155 KAUTH_REQ_SYSTEM_CPU_SETSTATE,
156 KAUTH_REQ_SYSTEM_DEBUG_IPKDB, 156 KAUTH_REQ_SYSTEM_DEBUG_IPKDB,
157 KAUTH_REQ_SYSTEM_MOUNT_GET, 157 KAUTH_REQ_SYSTEM_MOUNT_GET,
158 KAUTH_REQ_SYSTEM_MOUNT_NEW, 158 KAUTH_REQ_SYSTEM_MOUNT_NEW,
159 KAUTH_REQ_SYSTEM_MOUNT_UNMOUNT, 159 KAUTH_REQ_SYSTEM_MOUNT_UNMOUNT,
160 KAUTH_REQ_SYSTEM_MOUNT_UPDATE, 160 KAUTH_REQ_SYSTEM_MOUNT_UPDATE,
161 KAUTH_REQ_SYSTEM_PSET_ASSIGN, 161 KAUTH_REQ_SYSTEM_PSET_ASSIGN,
162 KAUTH_REQ_SYSTEM_PSET_BIND, 162 KAUTH_REQ_SYSTEM_PSET_BIND,
163 KAUTH_REQ_SYSTEM_PSET_CREATE, 163 KAUTH_REQ_SYSTEM_PSET_CREATE,
164 KAUTH_REQ_SYSTEM_PSET_DESTROY, 164 KAUTH_REQ_SYSTEM_PSET_DESTROY,
165 KAUTH_REQ_SYSTEM_SYSCTL_ADD, 165 KAUTH_REQ_SYSTEM_SYSCTL_ADD,
166 KAUTH_REQ_SYSTEM_SYSCTL_DELETE, 166 KAUTH_REQ_SYSTEM_SYSCTL_DELETE,
167 KAUTH_REQ_SYSTEM_SYSCTL_DESC, 167 KAUTH_REQ_SYSTEM_SYSCTL_DESC,
168 KAUTH_REQ_SYSTEM_SYSCTL_MODIFY, 168 KAUTH_REQ_SYSTEM_SYSCTL_MODIFY,
169 KAUTH_REQ_SYSTEM_SYSCTL_PRVT, 169 KAUTH_REQ_SYSTEM_SYSCTL_PRVT,
170 KAUTH_REQ_SYSTEM_TIME_ADJTIME, 170 KAUTH_REQ_SYSTEM_TIME_ADJTIME,
171 KAUTH_REQ_SYSTEM_TIME_NTPADJTIME, 171 KAUTH_REQ_SYSTEM_TIME_NTPADJTIME,
172 KAUTH_REQ_SYSTEM_TIME_RTCOFFSET, 172 KAUTH_REQ_SYSTEM_TIME_RTCOFFSET,
173 KAUTH_REQ_SYSTEM_TIME_SYSTEM, 173 KAUTH_REQ_SYSTEM_TIME_SYSTEM,
174 KAUTH_REQ_SYSTEM_TIME_TIMECOUNTERS, 174 KAUTH_REQ_SYSTEM_TIME_TIMECOUNTERS,
175 KAUTH_REQ_SYSTEM_FS_QUOTA_GET, 175 KAUTH_REQ_SYSTEM_FS_QUOTA_GET,
176 KAUTH_REQ_SYSTEM_FS_QUOTA_MANAGE, 176 KAUTH_REQ_SYSTEM_FS_QUOTA_MANAGE,
177 KAUTH_REQ_SYSTEM_FS_QUOTA_NOLIMIT, 177 KAUTH_REQ_SYSTEM_FS_QUOTA_NOLIMIT,
178 KAUTH_REQ_SYSTEM_FS_QUOTA_ONOFF, 178 KAUTH_REQ_SYSTEM_FS_QUOTA_ONOFF,
179 KAUTH_REQ_SYSTEM_SYSVIPC_BYPASS, 179 KAUTH_REQ_SYSTEM_SYSVIPC_BYPASS,
180 KAUTH_REQ_SYSTEM_SYSVIPC_SHM_LOCK, 180 KAUTH_REQ_SYSTEM_SYSVIPC_SHM_LOCK,
181 KAUTH_REQ_SYSTEM_SYSVIPC_SHM_UNLOCK, 181 KAUTH_REQ_SYSTEM_SYSVIPC_SHM_UNLOCK,
182 KAUTH_REQ_SYSTEM_SYSVIPC_MSGQ_OVERSIZE, 182 KAUTH_REQ_SYSTEM_SYSVIPC_MSGQ_OVERSIZE,
183 KAUTH_REQ_SYSTEM_VERIEXEC_ACCESS, 183 KAUTH_REQ_SYSTEM_VERIEXEC_ACCESS,
184 KAUTH_REQ_SYSTEM_VERIEXEC_MODIFY, 184 KAUTH_REQ_SYSTEM_VERIEXEC_MODIFY,
185 KAUTH_REQ_SYSTEM_LFS_MARKV, 185 KAUTH_REQ_SYSTEM_LFS_MARKV,
186 KAUTH_REQ_SYSTEM_LFS_BMAPV, 186 KAUTH_REQ_SYSTEM_LFS_BMAPV,
187 KAUTH_REQ_SYSTEM_LFS_SEGCLEAN, 187 KAUTH_REQ_SYSTEM_LFS_SEGCLEAN,
188 KAUTH_REQ_SYSTEM_LFS_SEGWAIT, 188 KAUTH_REQ_SYSTEM_LFS_SEGWAIT,
189 KAUTH_REQ_SYSTEM_LFS_FCNTL, 189 KAUTH_REQ_SYSTEM_LFS_FCNTL,
190 KAUTH_REQ_SYSTEM_MOUNT_UMAP, 190 KAUTH_REQ_SYSTEM_MOUNT_UMAP,
191 KAUTH_REQ_SYSTEM_MOUNT_DEVICE, 191 KAUTH_REQ_SYSTEM_MOUNT_DEVICE,
192 KAUTH_REQ_SYSTEM_INTR_AFFINITY, 192 KAUTH_REQ_SYSTEM_INTR_AFFINITY,
193}; 193};
194 194
195/* 195/*
196 * Process scope - actions. 196 * Process scope - actions.
197 */ 197 */
198enum { 198enum {
199 KAUTH_PROCESS_CANSEE=1, 199 KAUTH_PROCESS_CANSEE=1,
200 KAUTH_PROCESS_CORENAME, 200 KAUTH_PROCESS_CORENAME,
201 KAUTH_PROCESS_FORK, 201 KAUTH_PROCESS_FORK,
202 KAUTH_PROCESS_KEVENT_FILTER, 202 KAUTH_PROCESS_KEVENT_FILTER,
203 KAUTH_PROCESS_KTRACE, 203 KAUTH_PROCESS_KTRACE,
204 KAUTH_PROCESS_NICE, 204 KAUTH_PROCESS_NICE,
205 KAUTH_PROCESS_PROCFS, 205 KAUTH_PROCESS_PROCFS,
206 KAUTH_PROCESS_PTRACE, 206 KAUTH_PROCESS_PTRACE,
207 KAUTH_PROCESS_RLIMIT, 207 KAUTH_PROCESS_RLIMIT,
208 KAUTH_PROCESS_SCHEDULER_GETAFFINITY, 208 KAUTH_PROCESS_SCHEDULER_GETAFFINITY,
209 KAUTH_PROCESS_SCHEDULER_SETAFFINITY, 209 KAUTH_PROCESS_SCHEDULER_SETAFFINITY,
210 KAUTH_PROCESS_SCHEDULER_GETPARAM, 210 KAUTH_PROCESS_SCHEDULER_GETPARAM,
211 KAUTH_PROCESS_SCHEDULER_SETPARAM, 211 KAUTH_PROCESS_SCHEDULER_SETPARAM,
212 KAUTH_PROCESS_SETID, 212 KAUTH_PROCESS_SETID,
213 KAUTH_PROCESS_SIGNAL, 213 KAUTH_PROCESS_SIGNAL,
214 KAUTH_PROCESS_STOPFLAG 214 KAUTH_PROCESS_STOPFLAG
215}; 215};
216 216
217/* 217/*
218 * Process scope - sub-actions. 218 * Process scope - sub-actions.
219 */ 219 */
220enum kauth_process_req { 220enum kauth_process_req {
221 KAUTH_REQ_PROCESS_CANSEE_ARGS=1, 221 KAUTH_REQ_PROCESS_CANSEE_ARGS=1,
222 KAUTH_REQ_PROCESS_CANSEE_ENTRY, 222 KAUTH_REQ_PROCESS_CANSEE_ENTRY,
223 KAUTH_REQ_PROCESS_CANSEE_ENV, 223 KAUTH_REQ_PROCESS_CANSEE_ENV,
224 KAUTH_REQ_PROCESS_CANSEE_OPENFILES, 224 KAUTH_REQ_PROCESS_CANSEE_OPENFILES,
225 KAUTH_REQ_PROCESS_CORENAME_GET, 225 KAUTH_REQ_PROCESS_CORENAME_GET,
226 KAUTH_REQ_PROCESS_CORENAME_SET, 226 KAUTH_REQ_PROCESS_CORENAME_SET,
227 KAUTH_REQ_PROCESS_KTRACE_PERSISTENT, 227 KAUTH_REQ_PROCESS_KTRACE_PERSISTENT,
228 KAUTH_REQ_PROCESS_PROCFS_CTL, 228 KAUTH_REQ_PROCESS_PROCFS_CTL,
229 KAUTH_REQ_PROCESS_PROCFS_READ, 229 KAUTH_REQ_PROCESS_PROCFS_READ,
230 KAUTH_REQ_PROCESS_PROCFS_RW, 230 KAUTH_REQ_PROCESS_PROCFS_RW,
231 KAUTH_REQ_PROCESS_PROCFS_WRITE, 231 KAUTH_REQ_PROCESS_PROCFS_WRITE,
232 KAUTH_REQ_PROCESS_RLIMIT_GET, 232 KAUTH_REQ_PROCESS_RLIMIT_GET,
233 KAUTH_REQ_PROCESS_RLIMIT_SET, 233 KAUTH_REQ_PROCESS_RLIMIT_SET,
234 KAUTH_REQ_PROCESS_RLIMIT_BYPASS, 234 KAUTH_REQ_PROCESS_RLIMIT_BYPASS,
235}; 235};
236 236
237/* 237/*
238 * Network scope - actions. 238 * Network scope - actions.
239 */ 239 */
240enum { 240enum {
241 KAUTH_NETWORK_ALTQ=1, 241 KAUTH_NETWORK_ALTQ=1,
242 KAUTH_NETWORK_BIND, 242 KAUTH_NETWORK_BIND,
243 KAUTH_NETWORK_FIREWALL, 243 KAUTH_NETWORK_FIREWALL,
244 KAUTH_NETWORK_INTERFACE, 244 KAUTH_NETWORK_INTERFACE,
245 KAUTH_NETWORK_FORWSRCRT, 245 KAUTH_NETWORK_FORWSRCRT,
246 KAUTH_NETWORK_NFS, 246 KAUTH_NETWORK_NFS,
247 KAUTH_NETWORK_ROUTE, 247 KAUTH_NETWORK_ROUTE,
248 KAUTH_NETWORK_SOCKET, 248 KAUTH_NETWORK_SOCKET,
249 KAUTH_NETWORK_INTERFACE_PPP, 249 KAUTH_NETWORK_INTERFACE_PPP,
250 KAUTH_NETWORK_INTERFACE_SLIP, 250 KAUTH_NETWORK_INTERFACE_SLIP,
251 KAUTH_NETWORK_INTERFACE_STRIP, 251 KAUTH_NETWORK_INTERFACE_STRIP,
252 KAUTH_NETWORK_INTERFACE_TUN, 252 KAUTH_NETWORK_INTERFACE_TUN,
253 KAUTH_NETWORK_INTERFACE_BRIDGE, 253 KAUTH_NETWORK_INTERFACE_BRIDGE,
254 KAUTH_NETWORK_IPSEC, 254 KAUTH_NETWORK_IPSEC,
255 KAUTH_NETWORK_INTERFACE_PVC, 255 KAUTH_NETWORK_INTERFACE_PVC,
256 KAUTH_NETWORK_IPV6, 256 KAUTH_NETWORK_IPV6,
257 KAUTH_NETWORK_SMB, 257 KAUTH_NETWORK_SMB,
258}; 258};
259 259
260/* 260/*
261 * Network scope - sub-actions. 261 * Network scope - sub-actions.
262 */ 262 */
263enum kauth_network_req { 263enum kauth_network_req {
264 KAUTH_REQ_NETWORK_ALTQ_AFMAP=1, 264 KAUTH_REQ_NETWORK_ALTQ_AFMAP=1,
265 KAUTH_REQ_NETWORK_ALTQ_BLUE, 265 KAUTH_REQ_NETWORK_ALTQ_BLUE,
266 KAUTH_REQ_NETWORK_ALTQ_CBQ, 266 KAUTH_REQ_NETWORK_ALTQ_CBQ,
267 KAUTH_REQ_NETWORK_ALTQ_CDNR, 267 KAUTH_REQ_NETWORK_ALTQ_CDNR,
268 KAUTH_REQ_NETWORK_ALTQ_CONF, 268 KAUTH_REQ_NETWORK_ALTQ_CONF,
269 KAUTH_REQ_NETWORK_ALTQ_FIFOQ, 269 KAUTH_REQ_NETWORK_ALTQ_FIFOQ,
270 KAUTH_REQ_NETWORK_ALTQ_HFSC, 270 KAUTH_REQ_NETWORK_ALTQ_HFSC,
271 KAUTH_REQ_NETWORK_ALTQ_JOBS, 271 KAUTH_REQ_NETWORK_ALTQ_JOBS,
272 KAUTH_REQ_NETWORK_ALTQ_PRIQ, 272 KAUTH_REQ_NETWORK_ALTQ_PRIQ,
273 KAUTH_REQ_NETWORK_ALTQ_RED, 273 KAUTH_REQ_NETWORK_ALTQ_RED,
274 KAUTH_REQ_NETWORK_ALTQ_RIO, 274 KAUTH_REQ_NETWORK_ALTQ_RIO,
275 KAUTH_REQ_NETWORK_ALTQ_WFQ, 275 KAUTH_REQ_NETWORK_ALTQ_WFQ,
276 KAUTH_REQ_NETWORK_BIND_PORT, 276 KAUTH_REQ_NETWORK_BIND_PORT,
277 KAUTH_REQ_NETWORK_BIND_PRIVPORT, 277 KAUTH_REQ_NETWORK_BIND_PRIVPORT,
278 KAUTH_REQ_NETWORK_FIREWALL_FW, 278 KAUTH_REQ_NETWORK_FIREWALL_FW,
279 KAUTH_REQ_NETWORK_FIREWALL_NAT, 279 KAUTH_REQ_NETWORK_FIREWALL_NAT,
280 KAUTH_REQ_NETWORK_INTERFACE_GET, 280 KAUTH_REQ_NETWORK_INTERFACE_GET,
281 KAUTH_REQ_NETWORK_INTERFACE_GETPRIV, 281 KAUTH_REQ_NETWORK_INTERFACE_GETPRIV,
282 KAUTH_REQ_NETWORK_INTERFACE_SET, 282 KAUTH_REQ_NETWORK_INTERFACE_SET,
283 KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, 283 KAUTH_REQ_NETWORK_INTERFACE_SETPRIV,
284 KAUTH_REQ_NETWORK_NFS_EXPORT, 284 KAUTH_REQ_NETWORK_NFS_EXPORT,
285 KAUTH_REQ_NETWORK_NFS_SVC, 285 KAUTH_REQ_NETWORK_NFS_SVC,
286 KAUTH_REQ_NETWORK_SOCKET_OPEN, 286 KAUTH_REQ_NETWORK_SOCKET_OPEN,
287 KAUTH_REQ_NETWORK_SOCKET_RAWSOCK, 287 KAUTH_REQ_NETWORK_SOCKET_RAWSOCK,
288 KAUTH_REQ_NETWORK_SOCKET_CANSEE, 288 KAUTH_REQ_NETWORK_SOCKET_CANSEE,
289 KAUTH_REQ_NETWORK_SOCKET_DROP, 289 KAUTH_REQ_NETWORK_SOCKET_DROP,
290 KAUTH_REQ_NETWORK_SOCKET_SETPRIV, 290 KAUTH_REQ_NETWORK_SOCKET_SETPRIV,
291 KAUTH_REQ_NETWORK_INTERFACE_PPP_ADD, 291 KAUTH_REQ_NETWORK_INTERFACE_PPP_ADD,
292 KAUTH_REQ_NETWORK_INTERFACE_SLIP_ADD, 292 KAUTH_REQ_NETWORK_INTERFACE_SLIP_ADD,
293 KAUTH_REQ_NETWORK_INTERFACE_STRIP_ADD, 293 KAUTH_REQ_NETWORK_INTERFACE_STRIP_ADD,
294 KAUTH_REQ_NETWORK_INTERFACE_TUN_ADD, 294 KAUTH_REQ_NETWORK_INTERFACE_TUN_ADD,
295 KAUTH_REQ_NETWORK_IPV6_HOPBYHOP, 295 KAUTH_REQ_NETWORK_IPV6_HOPBYHOP,
296 KAUTH_REQ_NETWORK_INTERFACE_BRIDGE_GETPRIV, 296 KAUTH_REQ_NETWORK_INTERFACE_BRIDGE_GETPRIV,
297 KAUTH_REQ_NETWORK_INTERFACE_BRIDGE_SETPRIV, 297 KAUTH_REQ_NETWORK_INTERFACE_BRIDGE_SETPRIV,
298 KAUTH_REQ_NETWORK_IPSEC_BYPASS, 298 KAUTH_REQ_NETWORK_IPSEC_BYPASS,
299 KAUTH_REQ_NETWORK_IPV6_JOIN_MULTICAST, 299 KAUTH_REQ_NETWORK_IPV6_JOIN_MULTICAST,
300 KAUTH_REQ_NETWORK_INTERFACE_PVC_ADD, 300 KAUTH_REQ_NETWORK_INTERFACE_PVC_ADD,
301 KAUTH_REQ_NETWORK_SMB_SHARE_ACCESS, 301 KAUTH_REQ_NETWORK_SMB_SHARE_ACCESS,
302 KAUTH_REQ_NETWORK_SMB_SHARE_CREATE, 302 KAUTH_REQ_NETWORK_SMB_SHARE_CREATE,
303 KAUTH_REQ_NETWORK_SMB_VC_ACCESS, 303 KAUTH_REQ_NETWORK_SMB_VC_ACCESS,
304 KAUTH_REQ_NETWORK_SMB_VC_CREATE, 304 KAUTH_REQ_NETWORK_SMB_VC_CREATE,
305 KAUTH_REQ_NETWORK_INTERFACE_FIRMWARE, 305 KAUTH_REQ_NETWORK_INTERFACE_FIRMWARE,
306}; 306};
307 307
308/* 308/*
309 * Machdep scope - actions. 309 * Machdep scope - actions.
310 */ 310 */
311enum { 311enum {
312 KAUTH_MACHDEP_CACHEFLUSH=1, 312 KAUTH_MACHDEP_CACHEFLUSH=1,
313 KAUTH_MACHDEP_CPU_UCODE_APPLY, 313 KAUTH_MACHDEP_CPU_UCODE_APPLY,
314 KAUTH_MACHDEP_IOPERM_GET, 314 KAUTH_MACHDEP_IOPERM_GET,
315 KAUTH_MACHDEP_IOPERM_SET, 315 KAUTH_MACHDEP_IOPERM_SET,
316 KAUTH_MACHDEP_IOPL, 316 KAUTH_MACHDEP_IOPL,
317 KAUTH_MACHDEP_LDT_GET, 317 KAUTH_MACHDEP_LDT_GET,
318 KAUTH_MACHDEP_LDT_SET, 318 KAUTH_MACHDEP_LDT_SET,
319 KAUTH_MACHDEP_MTRR_GET, 319 KAUTH_MACHDEP_MTRR_GET,
320 KAUTH_MACHDEP_MTRR_SET, 320 KAUTH_MACHDEP_MTRR_SET,
321 KAUTH_MACHDEP_NVRAM, 321 KAUTH_MACHDEP_NVRAM,
322 KAUTH_MACHDEP_UNMANAGEDMEM, 322 KAUTH_MACHDEP_UNMANAGEDMEM,
323 KAUTH_MACHDEP_PXG, 323 KAUTH_MACHDEP_PXG,
 324 KAUTH_MACHDEP_X86PMC
324}; 325};
325 326
326/* 327/*
327 * Device scope - actions. 328 * Device scope - actions.
328 */ 329 */
329enum { 330enum {
330 KAUTH_DEVICE_TTY_OPEN=1, 331 KAUTH_DEVICE_TTY_OPEN=1,
331 KAUTH_DEVICE_TTY_PRIVSET, 332 KAUTH_DEVICE_TTY_PRIVSET,
332 KAUTH_DEVICE_TTY_STI, 333 KAUTH_DEVICE_TTY_STI,
333 KAUTH_DEVICE_RAWIO_SPEC, 334 KAUTH_DEVICE_RAWIO_SPEC,
334 KAUTH_DEVICE_RAWIO_PASSTHRU, 335 KAUTH_DEVICE_RAWIO_PASSTHRU,
335 KAUTH_DEVICE_BLUETOOTH_SETPRIV, 336 KAUTH_DEVICE_BLUETOOTH_SETPRIV,
336 KAUTH_DEVICE_RND_ADDDATA, 337 KAUTH_DEVICE_RND_ADDDATA,
337 KAUTH_DEVICE_RND_ADDDATA_ESTIMATE, 338 KAUTH_DEVICE_RND_ADDDATA_ESTIMATE,
338 KAUTH_DEVICE_RND_GETPRIV, 339 KAUTH_DEVICE_RND_GETPRIV,
339 KAUTH_DEVICE_RND_SETPRIV, 340 KAUTH_DEVICE_RND_SETPRIV,
340 KAUTH_DEVICE_BLUETOOTH_BCSP, 341 KAUTH_DEVICE_BLUETOOTH_BCSP,
341 KAUTH_DEVICE_BLUETOOTH_BTUART, 342 KAUTH_DEVICE_BLUETOOTH_BTUART,
342 KAUTH_DEVICE_GPIO_PINSET, 343 KAUTH_DEVICE_GPIO_PINSET,
343 KAUTH_DEVICE_BLUETOOTH_SEND, 344 KAUTH_DEVICE_BLUETOOTH_SEND,
344 KAUTH_DEVICE_BLUETOOTH_RECV, 345 KAUTH_DEVICE_BLUETOOTH_RECV,
345 KAUTH_DEVICE_TTY_VIRTUAL, 346 KAUTH_DEVICE_TTY_VIRTUAL,
346 KAUTH_DEVICE_WSCONS_KEYBOARD_BELL, 347 KAUTH_DEVICE_WSCONS_KEYBOARD_BELL,
347 KAUTH_DEVICE_WSCONS_KEYBOARD_KEYREPEAT, 348 KAUTH_DEVICE_WSCONS_KEYBOARD_KEYREPEAT,
348}; 349};
349 350
350/* 351/*
351 * Device scope - sub-actions. 352 * Device scope - sub-actions.
352 */ 353 */
353enum kauth_device_req { 354enum kauth_device_req {
354 KAUTH_REQ_DEVICE_RAWIO_SPEC_READ=1, 355 KAUTH_REQ_DEVICE_RAWIO_SPEC_READ=1,
355 KAUTH_REQ_DEVICE_RAWIO_SPEC_WRITE, 356 KAUTH_REQ_DEVICE_RAWIO_SPEC_WRITE,
356 KAUTH_REQ_DEVICE_RAWIO_SPEC_RW, 357 KAUTH_REQ_DEVICE_RAWIO_SPEC_RW,
357 KAUTH_REQ_DEVICE_BLUETOOTH_BCSP_ADD, 358 KAUTH_REQ_DEVICE_BLUETOOTH_BCSP_ADD,
358 KAUTH_REQ_DEVICE_BLUETOOTH_BTUART_ADD, 359 KAUTH_REQ_DEVICE_BLUETOOTH_BTUART_ADD,
359}; 360};
360 361
361/* 362/*
362 * Credentials scope - actions. 363 * Credentials scope - actions.
363 */ 364 */
364enum { 365enum {
365 KAUTH_CRED_INIT=1, 366 KAUTH_CRED_INIT=1,
366 KAUTH_CRED_FORK, 367 KAUTH_CRED_FORK,
367 KAUTH_CRED_COPY, 368 KAUTH_CRED_COPY,
368 KAUTH_CRED_FREE, 369 KAUTH_CRED_FREE,
369 KAUTH_CRED_CHROOT 370 KAUTH_CRED_CHROOT
370}; 371};
371 372
372/* 373/*
373 * Vnode scope - action bits. 374 * Vnode scope - action bits.
374 */ 375 */
375#define KAUTH_VNODE_READ_DATA (1U << 0) 376#define KAUTH_VNODE_READ_DATA (1U << 0)
376#define KAUTH_VNODE_LIST_DIRECTORY KAUTH_VNODE_READ_DATA 377#define KAUTH_VNODE_LIST_DIRECTORY KAUTH_VNODE_READ_DATA
377#define KAUTH_VNODE_WRITE_DATA (1U << 1) 378#define KAUTH_VNODE_WRITE_DATA (1U << 1)
378#define KAUTH_VNODE_ADD_FILE KAUTH_VNODE_WRITE_DATA 379#define KAUTH_VNODE_ADD_FILE KAUTH_VNODE_WRITE_DATA
379#define KAUTH_VNODE_EXECUTE (1U << 2) 380#define KAUTH_VNODE_EXECUTE (1U << 2)
380#define KAUTH_VNODE_SEARCH KAUTH_VNODE_EXECUTE 381#define KAUTH_VNODE_SEARCH KAUTH_VNODE_EXECUTE
381#define KAUTH_VNODE_DELETE (1U << 3) 382#define KAUTH_VNODE_DELETE (1U << 3)
382#define KAUTH_VNODE_APPEND_DATA (1U << 4) 383#define KAUTH_VNODE_APPEND_DATA (1U << 4)
383#define KAUTH_VNODE_ADD_SUBDIRECTORY KAUTH_VNODE_APPEND_DATA 384#define KAUTH_VNODE_ADD_SUBDIRECTORY KAUTH_VNODE_APPEND_DATA
384#define KAUTH_VNODE_READ_TIMES (1U << 5) 385#define KAUTH_VNODE_READ_TIMES (1U << 5)
385#define KAUTH_VNODE_WRITE_TIMES (1U << 6) 386#define KAUTH_VNODE_WRITE_TIMES (1U << 6)
386#define KAUTH_VNODE_READ_FLAGS (1U << 7) 387#define KAUTH_VNODE_READ_FLAGS (1U << 7)
387#define KAUTH_VNODE_WRITE_FLAGS (1U << 8) 388#define KAUTH_VNODE_WRITE_FLAGS (1U << 8)
388#define KAUTH_VNODE_READ_SYSFLAGS (1U << 9) 389#define KAUTH_VNODE_READ_SYSFLAGS (1U << 9)
389#define KAUTH_VNODE_WRITE_SYSFLAGS (1U << 10) 390#define KAUTH_VNODE_WRITE_SYSFLAGS (1U << 10)
390#define KAUTH_VNODE_RENAME (1U << 11) 391#define KAUTH_VNODE_RENAME (1U << 11)
391#define KAUTH_VNODE_CHANGE_OWNERSHIP (1U << 12) 392#define KAUTH_VNODE_CHANGE_OWNERSHIP (1U << 12)
392#define KAUTH_VNODE_READ_SECURITY (1U << 13) 393#define KAUTH_VNODE_READ_SECURITY (1U << 13)
393#define KAUTH_VNODE_WRITE_SECURITY (1U << 14) 394#define KAUTH_VNODE_WRITE_SECURITY (1U << 14)
394#define KAUTH_VNODE_READ_ATTRIBUTES (1U << 15) 395#define KAUTH_VNODE_READ_ATTRIBUTES (1U << 15)
395#define KAUTH_VNODE_WRITE_ATTRIBUTES (1U << 16) 396#define KAUTH_VNODE_WRITE_ATTRIBUTES (1U << 16)
396#define KAUTH_VNODE_READ_EXTATTRIBUTES (1U << 17) 397#define KAUTH_VNODE_READ_EXTATTRIBUTES (1U << 17)
397#define KAUTH_VNODE_WRITE_EXTATTRIBUTES (1U << 18) 398#define KAUTH_VNODE_WRITE_EXTATTRIBUTES (1U << 18)
398#define KAUTH_VNODE_RETAIN_SUID (1U << 19) 399#define KAUTH_VNODE_RETAIN_SUID (1U << 19)
399#define KAUTH_VNODE_RETAIN_SGID (1U << 20) 400#define KAUTH_VNODE_RETAIN_SGID (1U << 20)
400#define KAUTH_VNODE_REVOKE (1U << 21) 401#define KAUTH_VNODE_REVOKE (1U << 21)
401 402
402#define KAUTH_VNODE_IS_EXEC (1U << 29) 403#define KAUTH_VNODE_IS_EXEC (1U << 29)
403#define KAUTH_VNODE_HAS_SYSFLAGS (1U << 30) 404#define KAUTH_VNODE_HAS_SYSFLAGS (1U << 30)
404#define KAUTH_VNODE_ACCESS (1U << 31) 405#define KAUTH_VNODE_ACCESS (1U << 31)
405 406
406/* 407/*
407 * This is a special fs_decision indication that can be used by file-systems 408 * This is a special fs_decision indication that can be used by file-systems
408 * that don't support decision-before-action to tell kauth(9) it can only 409 * that don't support decision-before-action to tell kauth(9) it can only
409 * short-circuit the operation beforehand. 410 * short-circuit the operation beforehand.
410 */ 411 */
411#define KAUTH_VNODE_REMOTEFS (-1) 412#define KAUTH_VNODE_REMOTEFS (-1)
412 413
413/* 414/*
414 * Device scope, passthru request - identifiers. 415 * Device scope, passthru request - identifiers.
415 */ 416 */
416#define KAUTH_REQ_DEVICE_RAWIO_PASSTHRU_READ 0x00000001 417#define KAUTH_REQ_DEVICE_RAWIO_PASSTHRU_READ 0x00000001
417#define KAUTH_REQ_DEVICE_RAWIO_PASSTHRU_WRITE 0x00000002 418#define KAUTH_REQ_DEVICE_RAWIO_PASSTHRU_WRITE 0x00000002
418#define KAUTH_REQ_DEVICE_RAWIO_PASSTHRU_READCONF 0x00000004 419#define KAUTH_REQ_DEVICE_RAWIO_PASSTHRU_READCONF 0x00000004
419#define KAUTH_REQ_DEVICE_RAWIO_PASSTHRU_WRITECONF 0x00000008 420#define KAUTH_REQ_DEVICE_RAWIO_PASSTHRU_WRITECONF 0x00000008
420#define KAUTH_REQ_DEVICE_RAWIO_PASSTHRU_ALL 0x0000000F 421#define KAUTH_REQ_DEVICE_RAWIO_PASSTHRU_ALL 0x0000000F
421 422
422#define NOCRED ((kauth_cred_t)-1) /* no credential available */ 423#define NOCRED ((kauth_cred_t)-1) /* no credential available */
423#define FSCRED ((kauth_cred_t)-2) /* filesystem credential */ 424#define FSCRED ((kauth_cred_t)-2) /* filesystem credential */
424 425
425/* Macro to help passing arguments to authorization wrappers. */ 426/* Macro to help passing arguments to authorization wrappers. */
426#define KAUTH_ARG(arg) ((void *)(unsigned long)(arg)) 427#define KAUTH_ARG(arg) ((void *)(unsigned long)(arg))
427 428
428/* 429/*
429 * A file-system object is determined to be able to execute if it's a 430 * A file-system object is determined to be able to execute if it's a
430 * directory or if the execute bit is present in any of the 431 * directory or if the execute bit is present in any of the
431 * owner/group/other modes. 432 * owner/group/other modes.
432 * 433 *
433 * This helper macro is intended to be used in order to implement a 434 * This helper macro is intended to be used in order to implement a
434 * policy that maintains the semantics of "a privileged user can enter 435 * policy that maintains the semantics of "a privileged user can enter
435 * directory, and can execute any file, but only if the file is actually 436 * directory, and can execute any file, but only if the file is actually
436 * executable." 437 * executable."
437 */ 438 */
438#define FS_OBJECT_CAN_EXEC(vtype, mode) (((vtype) == VDIR) || \ 439#define FS_OBJECT_CAN_EXEC(vtype, mode) (((vtype) == VDIR) || \
439 ((mode) & \ 440 ((mode) & \
440 (S_IXUSR|S_IXGRP|S_IXOTH))) 441 (S_IXUSR|S_IXGRP|S_IXOTH)))
441 442
442/* 443/*
443 * Prototypes. 444 * Prototypes.
444 */ 445 */
445void kauth_init(void); 446void kauth_init(void);
446kauth_scope_t kauth_register_scope(const char *, kauth_scope_callback_t, void *); 447kauth_scope_t kauth_register_scope(const char *, kauth_scope_callback_t, void *);
447void kauth_deregister_scope(kauth_scope_t); 448void kauth_deregister_scope(kauth_scope_t);
448kauth_listener_t kauth_listen_scope(const char *, kauth_scope_callback_t, void *); 449kauth_listener_t kauth_listen_scope(const char *, kauth_scope_callback_t, void *);
449void kauth_unlisten_scope(kauth_listener_t); 450void kauth_unlisten_scope(kauth_listener_t);
450int kauth_authorize_action(kauth_scope_t, kauth_cred_t, kauth_action_t, void *, 451int kauth_authorize_action(kauth_scope_t, kauth_cred_t, kauth_action_t, void *,
451 void *, void *, void *); 452 void *, void *, void *);
452 453
453/* Authorization wrappers. */ 454/* Authorization wrappers. */
454int kauth_authorize_generic(kauth_cred_t, kauth_action_t, void *); 455int kauth_authorize_generic(kauth_cred_t, kauth_action_t, void *);
455int kauth_authorize_system(kauth_cred_t, kauth_action_t, enum kauth_system_req, 456int kauth_authorize_system(kauth_cred_t, kauth_action_t, enum kauth_system_req,
456 void *, void *, void *); 457 void *, void *, void *);
457int kauth_authorize_process(kauth_cred_t, kauth_action_t, struct proc *, 458int kauth_authorize_process(kauth_cred_t, kauth_action_t, struct proc *,
458 void *, void *, void *); 459 void *, void *, void *);
459int kauth_authorize_network(kauth_cred_t, kauth_action_t, 460int kauth_authorize_network(kauth_cred_t, kauth_action_t,
460 enum kauth_network_req, void *, void *, void *); 461 enum kauth_network_req, void *, void *, void *);
461int kauth_authorize_machdep(kauth_cred_t, kauth_action_t, 462int kauth_authorize_machdep(kauth_cred_t, kauth_action_t,
462 void *, void *, void *, void *); 463 void *, void *, void *, void *);
463int kauth_authorize_device(kauth_cred_t, kauth_action_t, 464int kauth_authorize_device(kauth_cred_t, kauth_action_t,
464 void *, void *, void *, void *); 465 void *, void *, void *, void *);
465int kauth_authorize_device_tty(kauth_cred_t, kauth_action_t, struct tty *); 466int kauth_authorize_device_tty(kauth_cred_t, kauth_action_t, struct tty *);
466int kauth_authorize_device_spec(kauth_cred_t, enum kauth_device_req, 467int kauth_authorize_device_spec(kauth_cred_t, enum kauth_device_req,
467 struct vnode *); 468 struct vnode *);
468int kauth_authorize_device_passthru(kauth_cred_t, dev_t, u_long, void *); 469int kauth_authorize_device_passthru(kauth_cred_t, dev_t, u_long, void *);
469int kauth_authorize_vnode(kauth_cred_t, kauth_action_t, struct vnode *, 470int kauth_authorize_vnode(kauth_cred_t, kauth_action_t, struct vnode *,
470 struct vnode *, int); 471 struct vnode *, int);
471 472
472/* Kauth credentials management routines. */ 473/* Kauth credentials management routines. */
473kauth_cred_t kauth_cred_alloc(void); 474kauth_cred_t kauth_cred_alloc(void);
474void kauth_cred_free(kauth_cred_t); 475void kauth_cred_free(kauth_cred_t);
475void kauth_cred_clone(kauth_cred_t, kauth_cred_t); 476void kauth_cred_clone(kauth_cred_t, kauth_cred_t);
476kauth_cred_t kauth_cred_dup(kauth_cred_t); 477kauth_cred_t kauth_cred_dup(kauth_cred_t);
477kauth_cred_t kauth_cred_copy(kauth_cred_t); 478kauth_cred_t kauth_cred_copy(kauth_cred_t);
478 479
479uid_t kauth_cred_getuid(kauth_cred_t); 480uid_t kauth_cred_getuid(kauth_cred_t);
480uid_t kauth_cred_geteuid(kauth_cred_t); 481uid_t kauth_cred_geteuid(kauth_cred_t);
481uid_t kauth_cred_getsvuid(kauth_cred_t); 482uid_t kauth_cred_getsvuid(kauth_cred_t);
482gid_t kauth_cred_getgid(kauth_cred_t); 483gid_t kauth_cred_getgid(kauth_cred_t);
483gid_t kauth_cred_getegid(kauth_cred_t); 484gid_t kauth_cred_getegid(kauth_cred_t);
484gid_t kauth_cred_getsvgid(kauth_cred_t); 485gid_t kauth_cred_getsvgid(kauth_cred_t);
485int kauth_cred_ismember_gid(kauth_cred_t, gid_t, int *); 486int kauth_cred_ismember_gid(kauth_cred_t, gid_t, int *);
486u_int kauth_cred_ngroups(kauth_cred_t); 487u_int kauth_cred_ngroups(kauth_cred_t);
487gid_t kauth_cred_group(kauth_cred_t, u_int); 488gid_t kauth_cred_group(kauth_cred_t, u_int);
488 489
489void kauth_cred_setuid(kauth_cred_t, uid_t); 490void kauth_cred_setuid(kauth_cred_t, uid_t);
490void kauth_cred_seteuid(kauth_cred_t, uid_t); 491void kauth_cred_seteuid(kauth_cred_t, uid_t);
491void kauth_cred_setsvuid(kauth_cred_t, uid_t); 492void kauth_cred_setsvuid(kauth_cred_t, uid_t);
492void kauth_cred_setgid(kauth_cred_t, gid_t); 493void kauth_cred_setgid(kauth_cred_t, gid_t);
493void kauth_cred_setegid(kauth_cred_t, gid_t); 494void kauth_cred_setegid(kauth_cred_t, gid_t);
494void kauth_cred_setsvgid(kauth_cred_t, gid_t); 495void kauth_cred_setsvgid(kauth_cred_t, gid_t);
495 496
496void kauth_cred_hold(kauth_cred_t); 497void kauth_cred_hold(kauth_cred_t);
497u_int kauth_cred_getrefcnt(kauth_cred_t); 498u_int kauth_cred_getrefcnt(kauth_cred_t);
498 499
499int kauth_cred_setgroups(kauth_cred_t, const gid_t *, size_t, uid_t, 500int kauth_cred_setgroups(kauth_cred_t, const gid_t *, size_t, uid_t,
500 enum uio_seg); 501 enum uio_seg);
501int kauth_cred_getgroups(kauth_cred_t, gid_t *, size_t, enum uio_seg); 502int kauth_cred_getgroups(kauth_cred_t, gid_t *, size_t, enum uio_seg);
502 503
503/* This is for sys_setgroups() */ 504/* This is for sys_setgroups() */
504int kauth_proc_setgroups(struct lwp *, kauth_cred_t); 505int kauth_proc_setgroups(struct lwp *, kauth_cred_t);
505 506
506int kauth_register_key(secmodel_t, kauth_key_t *); 507int kauth_register_key(secmodel_t, kauth_key_t *);
507int kauth_deregister_key(kauth_key_t); 508int kauth_deregister_key(kauth_key_t);
508void kauth_cred_setdata(kauth_cred_t, kauth_key_t, void *); 509void kauth_cred_setdata(kauth_cred_t, kauth_key_t, void *);
509void *kauth_cred_getdata(kauth_cred_t, kauth_key_t); 510void *kauth_cred_getdata(kauth_cred_t, kauth_key_t);
510 511
511int kauth_cred_uidmatch(kauth_cred_t, kauth_cred_t); 512int kauth_cred_uidmatch(kauth_cred_t, kauth_cred_t);
512void kauth_uucred_to_cred(kauth_cred_t, const struct uucred *); 513void kauth_uucred_to_cred(kauth_cred_t, const struct uucred *);
513void kauth_cred_to_uucred(struct uucred *, const kauth_cred_t); 514void kauth_cred_to_uucred(struct uucred *, const kauth_cred_t);
514int kauth_cred_uucmp(kauth_cred_t, const struct uucred *); 515int kauth_cred_uucmp(kauth_cred_t, const struct uucred *);
515void kauth_cred_toucred(kauth_cred_t, struct ki_ucred *); 516void kauth_cred_toucred(kauth_cred_t, struct ki_ucred *);
516void kauth_cred_topcred(kauth_cred_t, struct ki_pcred *); 517void kauth_cred_topcred(kauth_cred_t, struct ki_pcred *);
517 518
518kauth_action_t kauth_mode_to_action(mode_t); 519kauth_action_t kauth_mode_to_action(mode_t);
519kauth_action_t kauth_extattr_action(mode_t); 520kauth_action_t kauth_extattr_action(mode_t);
520 521
521#define KAUTH_ACCESS_ACTION(access_mode, vn_vtype, file_mode) \ 522#define KAUTH_ACCESS_ACTION(access_mode, vn_vtype, file_mode) \
522 (kauth_mode_to_action(access_mode) | \ 523 (kauth_mode_to_action(access_mode) | \
523 (FS_OBJECT_CAN_EXEC(vn_vtype, file_mode) ? KAUTH_VNODE_IS_EXEC : 0)) 524 (FS_OBJECT_CAN_EXEC(vn_vtype, file_mode) ? KAUTH_VNODE_IS_EXEC : 0))
524 525
525kauth_cred_t kauth_cred_get(void); 526kauth_cred_t kauth_cred_get(void);
526 527
527void kauth_proc_fork(struct proc *, struct proc *); 528void kauth_proc_fork(struct proc *, struct proc *);
528void kauth_proc_chroot(kauth_cred_t cred, struct cwdinfo *cwdi); 529void kauth_proc_chroot(kauth_cred_t cred, struct cwdinfo *cwdi);
529 530
530#endif /* !_SYS_KAUTH_H_ */ 531#endif /* !_SYS_KAUTH_H_ */